Threat Zone 2025
Our annual research of the cyber threat landscape in Russia and other CIS countries
About
In the continuation of our annual research, we present our new report Threat Zone 2025. Inside, you will find information about the most significant activity clusters that the BI.ZONE Threat Intelligence team tracked in 2024, as well as case studies from BI.ZONE DFIR and BI.ZONE TDR.
The research consists of three parts, each providing profiles of malicious clusters classified according to their motivation:
Wolves
Financial gain
Werewolves
Espionage
Hyenas
Hacktivism
Threat Zone 2025 is a practical guide to help you navigate the current threat landscape, understand the motivations and approaches of the threat actors, and, most importantly, build up effective defenses
29
threat actor profiles covered in Threat Zone 2025
40+
recommendations for detecting the attacker methods and tools
10 threat landscape features
The key features recorded by BI.ZONE Threat Intelligence in 2024:
-
Trusted relationship attacks via smaller suppliers
-
Applications sourced from Russian darknet
-
Experimental post-exploitation frameworks
-
Phishing through government impersonation
-
Traffic tunneling
-
Customized command and script interpreters
-
Destructive espionage
-
Data published on underground forums
-
Threat actor collaboration
-
Increased ransom demands
More from Threat Zone 2025
The research features the attacker techniques, tools, and ways to detect them, namely:
- Most affected industries
- Popular methods for gaining initial access
- Top 10 attacker techniques
