2025 Threat Report

What challenges will your organization have to face in 2025? How can you adjust your roadmap to strengthen your security posture?

Discover the summary and recommendations from the Advens CERT, in collaboration with our Audit and SOC teams.

 

With this report, you'll learn more about:

👾 The evolution of the cyber threat landscape in 2024
👨🏻‍💻 The new techniques used by cyber attackers
🕵️ The importance of intelligence in the current geopolitical context
🚨 The vulnerabilities you should pay close attention to in 2025

mockup-rapport-menaces-2025-EN-Cover-x3

Threat landscape report available for free 👇

Evolution of the cyber threat landscape between 2023 and 2024

+14%
cyber attacks
80%
attacks use stolen data
+37,6%
published vulnerabilities
244
vulnerabilities exploited by attacker groups through ransomware

Cybersecurity: what are the main challenges in 2025?

Despite increased investments and a market growing by 15% per year, the cyber threat continues to evolve!

🤖 Artificial intelligence, widely covered in the media in 2024, is everywhere — including on the attackers’ side!
🔒 Data theft is becoming more massive and targets everyone, especially through infostealers.
👾 The number of public vulnerabilities has exploded, with a worrying focus on those affecting security products.
🏭 Industrial environments (OT) have been heavily targeted by threats.

hacker

What defense strategies can be adopted against new cyber threats?

cybersecurity

To face these challenges, your organization must strengthen its security posture.
That’s precisely why our experts, drawing on their extensive experience, publish an annual report on the state of the cyber threat landscape.

With this report, you’ll discover the key initiatives to launch in 2025, including:

- strengthening MFA,
- implementing a tiering model,
- monitoring data leaks,
- reviewing remote access,
- hardening systems and backups...

 

🎁 And for the first time this year, our CERT teams share an analysis of the action plans recommended to our clients—based on hundreds of incident response engagements in 2024!

FAQ

The four most common attack vectors are still phishing and its variants (SMShing, Vishing, etc.), the malicious use of leaked accounts, the exploitation of unpatched vulnerabilities, and the misuse of misconfigured components. This top 4 is expected to remain stable, but the ways attackers exploit these weaknesses are likely to evolve.

Our threat landscape report provides a comprehensive overview of the 2024 threat environment.

👉 To learn more, you can download it for free.

Les 3 secteurs les plus ciblés : industrie manufacturière, santé et agroalimentaire.

L’industrie manufacturière et l’agro-alimentaire sont des secteurs ciblés par les cybercriminels, car une attaque sur ce type d’organisation a des impacts immédiats sur la capacité de production et donc le chiffre d’affaires. Ces structures représentent des cibles rentables pour les attaquants.

 

Le secteur de la santé, quant à lui, est ciblé car il permet de mener à bien des opérations de déstabilisation, contre un État, une administration ou une population.

 

Quel que soit votre secteur d'activité, il est essentiel de protéger votre organisation !

👉 Découvrir les recommandations des experts Advens

A CERT (Computer Emergency Response Team) is a specialized team responsible for detecting, preventing, and responding to cybersecurity incidents. It monitors threats, analyzes attacks, and coordinates actions to minimize their impact. Companies and institutions can rely on these experts to strengthen their resilience against cyberattacks.

The Advens CERT shares its analysis and recommendations in our latest threat landscape report.

👉 You can download it for free to learn more.