The Rising Threat of Identity Attacks: Analyzing Ontinue's Latest Threat Intelligence Report

An In-Depth Look at Ontinue's 1H 2025 Threat Intelligence Report



Introduction
In the rapidly evolving landscape of cybersecurity, Ontinue stands out as a key player. The company recently released its 1H 2025 Threat Intelligence Report, which sheds light on major trends and significant advancements in cyber threats. With an impressive track record, having been named the 2023 Microsoft Security Services Innovator of the Year, Ontinue dissects critical data regarding identity theft, ransomware, and emerging cybersecurity challenges.

Key Findings
The findings from the report illustrate a concerning uptick in attacks that bypass Multi-Factor Authentication (MFA). Ontinue identified that nearly 40% of intrusions into Azure environments involved attackers employing multiple persistence techniques. In addition, the report highlighted that 20% of active incidents capitalized on replaying stolen refresh tokens, a technique that allows cybercriminals to evade MFA protections even after password changes.

The report also elaborated on phishing, revealing that over 70% of phishing emails managed to sneak by traditional security filters by utilizing non-traditional payloads such as SVG and IMG formats, which are less frequently monitored.

Resurgence of USB Malware
Perhaps one of the most eye-opening metrics pertains to the resurgence of USB-borne malware, with attacks increasing by 27% compared to late 2024. This indicates a shift in tactics among cybercriminals, who are turning back to established methods that exploit removable media. A recent study confirms that 51% of USB threats can bring about considerable disruption, especially in industrial and enterprise settings.

Third-Party Risk Escalation
The report also underscores an alarming trend regarding third-party risks. Incidents stemming from vendor compromises doubled year-on-year, with nearly 30% of all breaches tied to vulnerabilities in supply chains. This statistic serves as a stark reminder that organizations must maintain stringent checks and balances within their vendor management protocols to mitigate external threats.

Ransomware Still a Major Concern
Despite reported ransom payments declining by 35%, the frequency of ransomware attacks continues to be distressingly high, with more than 4,000 reported breaches globally in the first half of the year. Notable groups such as CL0P and AKIRA remain active, underlining that while cybercriminals adapt, the threat from ransomware persists.

Expert Insights
Craig Jones, Ontinue's Chief Security Officer, commented, "Cybercriminals are operating with the speed and adaptability of modern businesses. They pivot, rebrand, and retool in weeks, not months." He emphasizes that organizations must not treat cybersecurity as a static effort but as a dynamic process led by continuous intelligence. Similarly, Balazs Greksza, Director of Threat Response, pointed out the importance of blending technical skills with human behavioral insights in order to tackle ever-evolving threats effectively.

Recommended Defensive Measures
To help organizations navigate these challenges, the report suggests various proactive defensive measures. These include:
  • Phishing-resistant MFA: Adopting advanced forms of multi-factor authentication that can withstand modern phishing tactics.
  • Hardened endpoint configurations: Reinforcing configurations to limit the attack surface available to cybercriminals.
  • Robust vendor management: Implementing thorough vendor risk management frameworks to identify and mitigate potential external threats.
  • Integrating real-world threat intelligence: Organizations are urged to incorporate current threat intelligence into their security testing to ensure that defenses remain relevant against evolving adversary techniques.

Conclusion
In sum, Ontinue's 1H 2025 Threat Intelligence Report serves as a vital tool for organizations striving to bolster their cybersecurity. It spotlights key trends that can no longer be overlooked, reinforcing the message that sustained vigilance and adaptability are paramount in today’s unpredictable digital landscape. As security vulnerabilities continue to emerge, industries must remain proactive, shoring up their defenses against a tide of increasingly sophisticated cyber threats.

For further insights, the full report and additional resources are available for download on Ontinue's website.
