LevelBlue is proud to current the second version of our biannual Risk Tendencies Report! This report builds on what we began in our first version, offering cybersecurity groups with important insights into present threats.
Our second version delves into menace actor exercise noticed within the first half of 2025 by LevelBlue Managed Detection and Response (MDR) and LevelBlue Labs menace intelligence groups. With this report, our group gives in-depth evaluation into the ways utilized and exploited by attackers and supplies suggestions on easy methods to defend your surroundings.
Our analysis signifies social engineering continues to be the first vector for preliminary entry and compromise, as menace actors perceive the only manner into your surroundings is commonly the entrance door they had been invited by way of by the end-user. Coupled with developments in AI, attackers are shortly mastering the artwork of deception to realize an preliminary foothold and evade detection.
Report Highlights Embody:
Social engineering is on the rise, as noticed in ClickFix and different pretend CAPTCHA assaults. Our report advises easy methods to educate your staff and harden your surroundings towards these campaigns.
Breakout instances are reducing, with menace actors now transferring laterally underneath 60 minutes, and in some circumstances underneath quarter-hour. Our analysts uncover their ways and supply steerage for stopping lateral motion.
Distant monitoring and administration (RMM) methods are key to understanding what to anticipate inside your surroundings earlier than an incident happens. We offer a evaluation of RMM methods noticed in incidents, together with which instruments are generally deployed and/or exploited by menace actors.
Our group at LevelBlue works diligently to watch and research present tendencies to help in securing our prospects and companions towards rising threats. This report supplies one other manner for our group to share data on the newest threats with our present and future companions within the cybersecurity group.
Obtain the report right here to be taught extra in regards to the largest tendencies in 2025, which emphasizes the significance of organizational person safety consciousness and training to fight the rise in social engineering ways.
The content material offered herein is for common informational functions solely and shouldn’t be construed as authorized, regulatory, compliance, or cybersecurity recommendation. Organizations ought to seek the advice of their very own authorized, compliance, or cybersecurity professionals relating to particular obligations and threat administration methods. Whereas LevelBlue’s Managed Risk Detection and Response options are designed to assist menace detection and response on the endpoint degree, they don’t seem to be an alternative to complete community monitoring, vulnerability administration, or a full cybersecurity program.