Cisco Talos' annual report analyzes threat trends based on incident response data, highlighting identity-based attacks (60% of cases) and MFA bypass techniques (e.g., push fatigue, misconfigured policies). The 2025 report notes increased MFA spray attacks targeting IAM infrastructure and device compromise attacks for persistent access.
