Is AI really reshaping the cyber threat landscape, or is the constant drumbeat of hype drowning out the real, more tangible dangers? According to the Picus Labs Red Report 2025, which analyzed more than a million malware samples, there has not been a significant surge in AI-driven attacks. Yes, adversaries certainly continue to innovate, and although AI will certainly start playing a larger and larger role, the latest data suggest that a set of well-known tactics, techniques and procedures (TTPs) still dominates the field.
The noise around artificial intelligence certainly dominates the media headlines; however, real-world data paint a much more nuanced picture of which malware threats are thriving, and why. Here is a look at the most important findings and trends shaping the year's most deployed adversarial campaigns, and at the steps cybersecurity teams should take to respond to them.
Why the AI hype is falling short … at least
While the headlines trumpet AI as a one-size-fits-all new secret weapon for cybercriminals, the statistics still reveal a completely different story. In fact, after parsing the data, Picus Labs did not find a significant rise in AI-based tactics in 2024. Yes, adversaries have begun to use AI to improve efficiency, such as crafting more credible phishing emails or creating and debugging malicious code, but they have not yet harnessed the transformative power of AI in the overwhelming majority of their attacks. In fact, data from the Red Report 2025 show that you can still disrupt most attacks by focusing on proven TTPs.
“Security teams should prioritize identifying and eliminating critical gaps in their defenses rather than fixating on the potential influence of AI.” – Picus Red Report 2025
Credential theft rises more than 3 times (8% → 25%)
Attackers are increasingly targeting passwords, credentials stored in browsers, and cached logins, using stolen keys to escalate privileges and spread within networks. This threefold jump underscores the urgent need for continuous and robust credential management combined with proactive threat detection.
Modern infostealer malware orchestrates multi-stage, heist-style operations that blend stealth, automation and persistence. With legitimate processes cloaking malicious operations and ordinary day-to-day network traffic hiding data uploads, bad actors can exfiltrate data right under your team's nose, no Hollywood-style heist required. Think of it as the digital equivalent of a perfectly choreographed break-in. Only the criminals do not peel out in a getaway car; they lurk silently, waiting for your next misstep or opening.
93% of malware uses at least one top-10 MITRE ATT&CK technique
Despite the expansive MITRE ATT&CK® framework, most adversaries stick to a core set of TTPs. Among the top 10 ATT&CK techniques given in the Red Report, the following exfiltration and stealth techniques remain the most used:
The combined effect? Legitimate-seeming processes use legitimate tools to collect and transmit data over widely used network channels. Not surprisingly, these techniques can be difficult to detect with signature-based methods alone. However, behavioral analysis, especially when several techniques are used together to monitor and correlate data, makes anomalies far easier to spot. Security teams should focus on finding malicious activity that appears virtually indistinguishable from regular network traffic.
Back to basics for better protection
Today’s threats often chain together many attack stages to infiltrate, persist and exfiltrate. By the time one step is identified, the attackers may have already moved on to the next one. So, while the threat landscape is undoubtedly complicated, the silver lining revealed in the Red Report 2025 is quite simple: most current malicious activity actually revolves around a small set of attack techniques. By following modern cybersecurity fundamentals, such as rigorous credential protection, advanced threat detection and continuous security validation, organizations can confidently ignore the tsunami of AI hype and focus instead on countering the threats that are actually targeting them today.
Ready to cut through the AI hype and strengthen your defenses?
While the headlines are fixated on AI, Picus Security, the pioneer of Breach and Attack Simulation (BAS) since 2013, is carefully focused on the methods and techniques that attackers actually use: tested TTPs. The Picus Security platform continuously assesses and strengthens organizations' defenses, emphasizing basics such as credential protection and rapid threat detection.
Ready to see the difference for yourself? Download the Picus Red Report 2025 or visit picussecurity.com to learn how to tune out the hype and keep real threats at bay.
Note: This article wrote Doctor assumes that Oarlah.