Skip Navigation
Get a Demo
 
Threat Detection Report

Trends

Red Canary performed an analysis of emerging and significant trends that we’ve encountered in confirmed threats, intelligence reporting, and elsewhere over the past year. We’ve compiled the most prominent trends of 2024 in this report to show major themes that may continue into 2025.

Ransomware

Ransomware continues to surge year-over-year, and payout demands are only getting higher.

Initial access tradecraft

Sketchy CAPTCHAs, fake updates, social engineering, and more; adversaries continued their masquerading, tricking users throughout 2024.

Identity attacks

Thanks to new partnerships and technology, Red Canary detected four times as many identity threats in 2024 than the year before.

Vulnerabilities

In 2024, Red Canary tracked vulnerabilities in software such as Fortinet FortiClient EMS, ScreenConnect, and various VPN products.

Stealers

There is no better way to compromise identities en masse than deploying info-stealing malware.

Insider threats

North Korean insider threats made headlines in 2024, prompting organizations to apply greater scrutiny to both their threat detection and their hiring practices.

VPN abuse

Adversaries consistently abuse virtual private networks when attempting to compromise identities, but distinguishing this behavior from authorized employee use is not so simple.

Cloud attacks

While we saw a general rise in cloud attacks in 2024, the techniques adversaries employ have largely stayed the same.

Mac malware

macOS stealers ran rampant throughout most of 2024, until Apple remediated Gatekeeper bypassing from macOS Sequoia.

Emerging threats

Read about some of the newer activity clusters the Red Canary Intelligence team is tracking in our Field Guide.

Where Next

TOP 10
Threats

We’ve analyzed the most prevalent threats occurring in our customer environments.

TOP 10
Techniques

We’ve analyzed the most prevalent techniques occurring in our customer environments.

Security gaps? We got you.

Get curated insights on managed detection and response (MDR) services, threat intelligence, and security operations—delivered straight to your inbox every month.

 
 
 
 
Back to Top