Report by Picus

Red Report 2025

10 FINDINGSPublished Feb 1, 2025
View Original Report →

Key Findings

On average, malware now executes 14 malicious actions.

PicusRed Report 2025·Feb 1, 2025

There has been a 3X increase in malware specifically targeting credential stores like password managers and browser-stored login data.

PicusRed Report 2025·Feb 1, 2025

Process Injection (T1055) has a prevalence rate of 31%.

PicusRed Report 2025·Feb 1, 2025

On average, malware now executes 14 malicious actions.

PicusRed Report 2025·Feb 1, 2025

25% of the malware examined showed behaviours related to T1555 (Credentials from Password Stores).

PicusRed Report 2025·Feb 1, 2025

Process Injection (T1055) has a prevalence rate of 31%.

PicusRed Report 2025·Feb 1, 2025

There has been a 3X increase in malware specifically targeting credential stores like password managers and browser-stored login data.

PicusRed Report 2025·Feb 1, 2025

93% of all malicious actions observed could be mapped to just 10 MITRE ATT&CK techniques.

PicusRed Report 2025·Feb 1, 2025

93% of all malicious actions observed could be mapped to just 10 MITRE ATT&CK techniques.

PicusRed Report 2025·Feb 1, 2025

25% of the malware examined showed behaviours related to T1555 (Credentials from Password Stores).

PicusRed Report 2025·Feb 1, 2025