Cloud accounts come under attack as identity threats rise

No Comments

The latest Threat Detection Report update from Red Canary shows a rise of almost 500 percent in detections associated with cloud accounts during the first half of 2025.

This significant rise stems primarily from Red Canary’s expanded identity detection coverage and the implementation of AI agents designed to identify unusual login patterns and suspicious user behaviors. This includes identifying logins from unusual devices, IP addresses, and virtual private networks (VPNs), which significantly increases the detection of risky behaviors.

Two new cloud-related techniques -- Data from Cloud Storage and Disable or Modify Cloud Firewall -- have also entered the top 10 detected techniques. These represent a growing focus not just on explicit threats but on risky behaviors that can be the precursors to potential breaches.

“As organizations increasingly adopt cloud-based identity providers, infrastructure, and applications, our midyear update highlights the impact on threat detection. Security teams are evolving their endpoint-focused strategies to approaches that recognize more nuanced risks across dispersed environments," says Keith McCammon, co-founder of Red Canary. "Unlike endpoint, where most of the data and context required for threat detection and response stems from a single source, identity and cloud threat detection requires visibility and correlation across disparate systems, coupled with a platform and team capable of performing timely investigations."

Red Canary’s analysis of tens of thousands of user-reported phishing emails finds that only 16 percent were actual threats. But despite this low percentage, phishing remains a critical attack vector, emphasizing the need for organizations to create feedback loops so that they can continually mature their ability to quickly identify genuine threats when they arise.

The report also reveals that the Scarlet Goldfinch threat, that previously relied on fake browser updates, has pivoted to using fake CAPTCHA paste-and-run techniques to entice victims into executing malicious code.

You can find out more in the full report, available from the Red Canary site.

Image credit: achirathep.gmail.com/depositphotos.com

No Comments
Got News? Contact Us

Recent Headlines

Financial sector faces surge in cyber threats

Exaforce brings AI to the security operations center

Human risk and Gen AI-driven data loss top CISO concerns

Google to block sideloading of apps from unverified developers

xAI is suing Apple and OpenAI for anticompetitive behavior

YouTube has been using AI on the sly to enhance creators’ videos

Rise of the robots: RealSense and Nvidia team up on physical AI

Most Commented Stories

Extended Windows 10 support means ditching your local account for a Microsoft Account

20 Comments

Forget Windows 11, Windows 12.2 is the 'next evolution' of Microsoft's OS

15 Comments

UpDownTool lets you move from Windows 11 to Windows 10 in just 5 clicks -- without losing any data

7 Comments

Google makes cheaper YouTube Premium Lite available more widely

7 Comments

Why using a VPN is becoming more important than ever

6 Comments

Opera files antitrust complaint against Microsoft in Brazil, alleging unfair browser restrictions on Windows

5 Comments

Microsoft Recall is bad at filtering sensitive information

5 Comments

Microsoft slowly rolls out a button allowing Windows 10 users to refuse Windows 11

4 Comments

© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.