The Kaspersky Security Services report describes cyberattack trends and statistics revealed by the Managed Detection and Response service. The report also includes Incident Response findings based on real-world cases identified and mitigated in 2025.

Securelist is a cybersecurity blog and research platform operated by Kaspersky Lab. It offers insights, analysis, and reports on cybersecurity threats, vulnerabilities, and malware campaigns. Developers can learn about emerging cyber threats, security best practices, and mitigation strategies to protect their applications and systems. Additionally, Securelist provides insights into cybersecurity trends, threat intelligence, and industry developments, offering resources for cybersecurity professionals.

Securelist

Kaspersky's 2026 Global Security Services report consolidates findings from its MDR, Incident Response, Compromise Assessment, and SOC Consulting services covering 2025 data. Key findings include: MDR processed ~400,000 alerts with 39,000 investigated after false positive filtering; government and industrial sectors remain the most targeted; high-severity incidents continued a downward trend since 2021; Microsoft product vulnerabilities dominated CVEs with half enabling remote code execution; trusted relationship attacks grew to 15.5% of initial vectors; and LOLBins like PowerShell, rundll32, and tools like Mimikatz and AnyDesk were widely abused in high-severity incidents.

Kaspersky Global Report by Kaspersky Security Services 2026