H2 2025 Cyberseer SOC Threat Findings Report


H2 2025 SOC Threat Findings Report

Five Critical Threats. Strategic Insights. Actionable Recommendations.

The Cyberseer SOC Threat Findings Report is based on real security incidents investigated by Cyberseer’s 24/7 Security Operations Centre during the second half of 2025.

Drawing on threat data from live customer environments across the UK, this report highlights the most prevalent attack techniques, fastest adversary breakout times, and the operational gaps most commonly exploited by attackers.

In the fastest cases, attackers progressed from initial access to lateral movement and privilege escalation in under 48 minutes, leaving little margin for manual detection and response.

Why This Matters?

Speed isn’t just an operational advantage; it’s a compliance requirement.

This report reveals five high-impact threats, strategic insights from global partners, and actionable recommendations for UK organisations.

What's Inside?

Five Priority Threat Cases:

1. AMOS macOS-Stealer

Targeting insurance sector endpoints.

2. Lumma Stealer Variant

Hidden in trojanised PuTTY downloads.

3. FortiGate Brute-Force Attempts

Exploiting CVE-2024-47574.

4. ClickFix Social Engineering

Attack chain using Windows+R.

5. Gh0st RAT Malware

Delivered via encrypted file attachments.

Actionable Recommendations to Strengthen Your Security Posture

Strategic Insights from Microsoft, CrowdStrike, Mandiant and Google Cloud Security.


Cyberseer Advantage

Speed:

Under 1 minute alert acknowledgement, 14.3 minute response

Expertise:

Human + AI detection for advanced threats

Partnerships:

Microsoft, Darktrace, Mandiant, Google Cloud Security, Exabeam, CrowdStrike, ReliaQuest

UK Focus:

Local insights informed by global intelligence

About the Research

This report is produced by Cyberseer, a UK-based security operations specialist supporting organisations with 24/7 threat detection and response. The findings are drawn from real-world SOC investigations, threat analysis and incident response activity observed during the second half of 2025.

Want to discuss how these findings impact your organisation?

Enhance your cybersecurity posture and embrace the future of threat detection with Cyberseer’s SOC and MDR services.

Review blogs of newly discovered threats and smart technologies written by the Cyberseer SOC team.

Have questions, need assistance, or ready to enhance your cybersecurity strategy? Our team at Cyberseer is here to help. Reach out to us for personalised and expert advice.