New LevelBlue Threat Trends Report gives critical insights into threats

Read Time:1 Minute, 35 Second

LevelBlue is pleased to announce the launch of the LevelBlue Threat Trends Report! This biannual report, which is a collaboration between various LevelBlue Security Operations teams, is a must-have for security practitioners at organizations of all sizes. It provides relevant, actionable information about ongoing threats as well as guidance on how organizations can work to secure themselves against these threats.

In this edition, our analysts review attacks and threat actor techniques observed by LevelBlue in the second half of 2024 (from June through November). Additionally, our Incident Response team, which provides support and guidance to customers during and after incidents, reviews 12 compromises, 10 of which involved known ransomware groups. In each case, the team recommends hardening and mitigation techniques that can be used to safeguard against these attacks.

Other report highlights include:

Phishing-as-a-Service (PhaaS) is on the rise. The report contains an in-depth analysis of RaccoonO365, a recently identified PhaaS kit, including details on the infection process and a list of the top 10 active domains associated with RaccoonO365 based on our telemetry.
The most common attacks observed by our teams during the second half of 2024 were business email compromise (BEC). And these attacks were most successful when they combined credential harvesting techniques with phishing. Of the BEC attacks observed, 96% involved phished users.
The top five malware families observed during the second half of 2024 accounted for more than 60% of the malware hits on our customers.

At LevelBlue, our goal is not only to provide a portfolio of industry-leading managed security services to help protect organizations against threats but also to share intelligence and contribute in a meaningful way to strengthening cyber defenses across the globe.

Download the new LevelBlue Threat Trends Report for more critical insights on current and emerging threats and guidance on how to secure your organizations against them!

Get the Report

European Journalists Targeted by Paragon Spyware, Citizen Lab Confirms

Paragon Spyware used to Spy on European Journalists

Ransomware Gang Exploits SimpleHelp RMM to Compromise Utility Billing Firm

Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft

South African man imprisoned after ransom demand against his former employer

Inside a Dark Adtech Empire Fed by Fake CAPTCHAs

Airlines Secretly Selling Passenger Data to the Government

Sweden says it is under cyber attack

Cybersecurity Warrior-Leaders: Self and Team Care