Recherche : [trends] - Cyberveille

M-Trends 2025: Data, Insights, and Recommendations From the Frontlines https://cloud.google.com/blog/topics/threat-intelligence/m-trends-2025/?hl=en

25/04/2025 09:41:54

M-Trends 2025 data is based on more than 450,000 hours of Mandiant Consulting investigations. The metrics are based on investigations of targeted attack activity conducted between Jan. 1, 2024 and Dec. 31, 2024. Key findings in M-Trends 2025 include:

55% of threat groups active in 2024 were financially motivated, which marks a steady increase, and 8% of threat groups were motivated by espionage.
Exploits continue to be the most common initial infection vector (33%), and for the first time stolen credentials rose to the second most common in 2024 (16%).
The top targeted industries include financial (17.4%), business and professional services (11.1%), high tech (10.6%), government (9.5%), and healthcare (9.3%).
Global median dwell time rose to 11 days from 10 days in 2023. Global median dwell time was 26 days when external entities notified, 5 days when adversaries notified (notably in ransomware cases), and 10 days when organizations discovered malicious activity internally.

M-Trends 2025 dives deep into the aforementioned infostealer, cloud, and unsecured data repository trends, and several other topics, including:

Democratic People's Republic of Korea deploying citizens as remote IT contractors, using false identities to generate revenue and fund national interests.
Iran-nexus threat actors ramping up cyber operations in 2024, notably targeting Israeli entities and using a variety of methods to improve intrusion success.
Attackers targeting cloud-based stores of centralized authority, such as single sign-on portals, to gain broad access.
Increased targeting of Web3 technologies such as cryptocurrencies and blockchains for theft, money laundering, and financing illicit activities.

How Low Can You Go? An Analysis of 2023 Time-to-Exploit Trends https://cloud.google.com/blog/topics/threat-intelligence/time-to-exploit-trends-2023?hl=en

23/10/2024 11:01:54

Mandiant analyzed 138 vulnerabilities that were disclosed in 2023 and that we tracked as exploited in the wild.

NVD Analysis Report https://www.fortressinfosec.com/nvd-analysis-report

27/07/2024 13:08:45

The following estimates are calculated using data from the NVD Dashboard. At the time of this reports generation, NVD's 2024 daily average for analyzing new CVEs is 30.27. There is a current backlog of 16777 CVEs awaiting analysis. With an average influx of 111.07 new CVEs per day, a daily average of 217.93 analyses is required to clear this backlog and process new CVEs. Currently, NVD is falling short of this goal by 187.66 CVEs a day. Given this data, if the current daily rate of CVE analysis persists, the projected number of CVEs awaiting analysis by the end of 2024 will be 29462.6.

Ransomware tracker: The latest figures [August 2023] https://therecord.media/ransomware-tracker-the-latest-figures

16/08/2023 10:13:30

The number of ransomware attacks posted on extortion websites shot up to a record high in July, with ransomware gangs publicly claiming more than 15 attacks per day on average.

In total there were 484 ransomware attacks in July, compared to 408 the previous month, according to data collected by Recorded Future from extortion sites, government agencies, news reports, hacking forums, and other sources.

Intelligence Insights: October 2022 https://redcanary.com/blog/intelligence-insights-october-2022/

24/10/2022 07:01:47

AdSearch ghosts, Qbot returns with new tricks, and PureCrypter loads malware treats.

Liens par page

Filtres