Red Canary's mid-year 2025 Threat Detection Report warns that "identity is the new battleground" as attackers pivot toward cloud and identity-based targets, reports Information Security Buzz.The company reports a 500% year-over-year jump in cloud account detections, a surge driven by expanded monitoring and AI tools tuned for login anomalies. Two cloud-related tactics, "Data from Cloud Storage" and "Disable or Modify Cloud Firewall," entered the top 10 detected threats for the first time, highlighting risks from both misconfiguration and credential theft. Phishing continues to evolve, with only 16% of flagged emails proving malicious but growing use of tools like Google Translate to evade filters. The Scarlet Goldfinch campaign has shifted from fake browser updates to malicious code delivered via fake CAPTCHA prompts. Co-founder Keith McCammon stressed the need for faster, more nuanced detection across fragmented systems. Red Canary urges stronger identity controls, cloud hardening, user training, and vigilant monitoring of VPN and RMM activity.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds