Cisco Talos Blog


In 2024, threat actors prioritized stealth, simplicity, and efficiency

Cisco Talos’ Year in Review reveals insights into how cyber criminals carried out their campaigns, and what made an attack successful. Read about threat actor activities across topics including top targeted vulnerabilities, network-based attacks, email threats, adversary toolsets, identity attacks, multi-factor authentication abuse, ransomware, and AI-based threats.

Download now

New group RansomHub climbed the ranks by targeting large operations in pursuit of hefty payouts

Identity-based attacks were dominant, accounting for 60% of all Cisco Talos Incident Response cases.

Ransomware actors successfully disabled security solutions in 48% of their attacks last year

Generative AI tools have enabled more sophisticated social engineering attacks

Watch: Key Takeaways

In this two minute animated video, learn the key ways in which attackers targeted organizations in 2024

View on YouTube


The data in Talos’ Year in Review covers January 1, 2024 to December 31, 2024. We analyzed:

Featured

Available now: 2024 Year in Review

Download Talos' 2024 Year in Review now, and access key insights on the top targeted vulnerabilities of the year, network-based attacks, email threats, adversary toolsets, identity attacks, multi-factor authentication (MFA) abuse, ransomware and AI-based attacks.

Recent
March 31, 2025 07:00

Beers with Talos: Year in Review episode

In this podcast, Joe, Hazel, Bill and Dave break down Talos' Year in Review 2024 and discuss how and why cybercriminals have been leaning so heavily on attacks that are routed in stealth in simplicity.