Red Canary’s 2025 Threat Detection Report reveals a four-fold rise in identity attacks over 2024, reflecting an increase in cloud-native and identity-targeted methods. Other emerging threats include ‘ClickFix’ or ‘fakeCAPTCHA’, social engineering attacks, and ‘LLMJacking’, which involves targeting AI services. Other notable findings include a surge in macOS malware and increased exploitation of remote monitoring tools. The report advises organisations to limit unauthorised VPN activity, manage identities, prioritise patching, ensure proper configurations and assess defences regularly.
How new malware SHELBY targets telecom via phishing
Elastic Security Labs has identified a new malware named SHELBY that targets Iraqi telecoms using a phishing attack. The malware has two components, SHELBYLOADER and
