LevelBlue is proud to current the second version of our biannual Menace Tendencies Report! This report builds on what we began in our first version, offering cybersecurity groups with important insights into present threats.
This version covers risk actor exercise noticed within the first half of 2025 by the LevelBlue Managed Detection and Response (MDR) Safety Operations workforce and the LevelBlue Labs risk intelligence workforce. All through this report, our workforce presents in-depth evaluation into the ways being utilized and exploited by risk actors and offers suggestions on shield your surroundings.
Our analysis signifies social engineering continues to be the first vector for preliminary entry and compromise, as risk actors perceive the only approach into your surroundings is commonly the entrance door they have been invited by by the end-user. Coupled with developments in AI, attackers are shortly mastering the artwork of deception to realize an preliminary foothold and evade detection.
Report Highlights Embrace:
- Enterprise E mail Compromise (BEC) stays prevalent, typically delivered through phishing campaigns and using credential harvesters to realize fast entry and persistence.
- Social engineering is on the rise, as noticed in ClickFix and different pretend CAPTCHA assaults. This report discusses educate your staff and harden your surroundings in opposition to these campaigns.
- This version features a assessment of distant administration instruments (RMM) noticed in incidents, together with which instruments are generally deployed and/or exploited by risk actors. That is key to understanding what’s and isn’t anticipated inside your surroundings earlier than an incident happens.
Our workforce at LevelBlue works diligently to observe and examine present traits to help in securing our prospects and companions in opposition to rising threats. This report offers one other approach for our workforce to share data on the most recent threats with our present and future companions within the cybersecurity group.
Obtain the report right here to study extra concerning the greatest traits in 2025, which emphasizes the significance of organizational person safety consciousness and schooling to fight the rise in social engineering ways.
The content material supplied herein is for common informational functions solely and shouldn’t be construed as authorized, regulatory, compliance, or cybersecurity recommendation. Organizations ought to seek the advice of their very own authorized, compliance, or cybersecurity professionals relating to particular obligations and danger administration methods. Whereas LevelBlue’s Managed Menace Detection and Response options are designed to help risk detection and response on the endpoint degree, they don’t seem to be an alternative choice to complete community monitoring, vulnerability administration, or a full cybersecurity program.
