CrowdStrike 2025 Threat Hunting Report

Table of Contents

Introduction
Naming Conventions
Front-Line Snapshot
Sector Targeting
Sector Spotlights
MITRE ATT&CK Observations
Intrusion Trends by Adversary
Observations from the Front Lines
Countering the Adversary: Generative Artificial Intelligence
Hunting Cross-Domain Adversaries
Case Study: Disrupting BLOCKADE SPIDER
Case Study: Hunting OPERATOR PANDA
Identity Hunting
Adversary Spotlight: SCATTERED SPIDER
Cloud Hunting
Case Study: Hunting GENESIS PANDA Across the Cloud Control Plane
Case Study: MURKY PANDA's Abuse of Trusted Relationships
Endpoint Hunting
Case Study: Hunting GLACIAL PANDA Living off the Land
Vulnerability Hunting
Case Study: Hunting GRACEFUL SPIDER's Zero-Day
Conclusion
Recommendations
CrowdStrike Falcon Platform
CrowdStrike Products
CrowdStrike Services
About CrowdStrike

Introduction

A new era of cyber threats has emerged with the rise of the “enterprising adversary,” as highlighted in the CrowdStrike 2025 Global Threat Report. This new breed of threat actor distinguishes itself through sophisticated and scalable tactics designed to execute attacks with calculated, business-like efficiency. These adversaries operate with strategic precision to maximize impact and quickly achieve their goals.

Innovation is a critical cornerstone to outmaneuver and disrupt the enterprising adversary. Novel technologies and threat hunting are required to anticipate the adversary's next moves, understand their evolving methodologies, and adapt defenses to stay ahead.

Today's enterprising adversary is adept at bypassing traditional cybersecurity defenses. They understand the limitations of conventional safeguards and see