(TLP:CLEAR) Huntress 2025 Cyber Threat Report: Proliferating RATs, Evolving Ransomware, and Other Findings

Summary: Huntress released their 2025 Cyber Threat Report this week highlighting key findings from the past year, offering a snapshot of the past year’s most common threats. The insights provide actionable guidance to help stay one step ahead of ever-evolving cyber threats.

Analyst Comment: Many of Huntress’s top takeaways include threat actor activities that WaterISAC has tracked as key threats to the water sector (see the additional reading section below). The mitigations included in the report are valuable steps utilities can take to defend against current cyber threats and the report’s findings can help utilities prioritize which mitigation recommendations are most important to focus on. Combining these priorities with the 12 Cybersecurity Fundamentals for Water and Wastewater Utilities can be a powerful combination.

The report’s top takeaways include:

• Remote access trojans (RATs) are more popular
• Remote monitoring and management (RMM) tools are being exploited
• Ransomware strategies are evolving
• Living off the land (LoTL) tactics are on the rise
• Phishing tactics are becoming more advanced.

Original Source: https://www.huntress.com/blog/huntress-2025-cyber-threat-report-proliferating-rats-evolving-ransomware-and-other-findings

Additional Reading:

• Threat Awareness – Phishing Campaign Uses REMCOS RAT to Exploit Victims
• Cyber Resilience – CISA Releases JCDC Remote Monitoring and Management (RMM) Cyber Defense Plan
• Ransomware Resilience – The Always Shifting Ransomware Landscape
• (TLP:CLEAR) WaterISAC Advisory – PRC-sponsored Volt Typhoon Activity and Supplemental Living Off the Land Guidance

Related WaterISAC PIRs: 6, 8, 10, 12