A field report from the IronCastle SOC: what changed in 2025, what's hitting small businesses right now, and the defensive architecture that actually works against agent-driven offence.
Curated from incidents seen across our fleet and confirmed by partners at Mandiant, Recorded Future, and the regional CERTs. We list our defence for each.
LLM-driven malware regenerates its own code on every connection. Function bodies are paraphrased, control flow is restructured, strings are re-encoded. The SHA256 that defended you yesterday is useless today.
↑ 312% novel implant variants observed YoY · MalwareBazaar 2025
Frameworks like Mythic 4.x, Sliver 1.6, and Havoc ship with agent operators built in. They pick their own lateral targets, dump their own credentials, decide their own dwell time — no human at the keyboard. The signature of "intent" disappears.
4 min median dwell before first lateral move in observed campaigns
"Your CFO" calls and asks about an urgent wire. The voice is right. The follow-up email comes from the right address (or a perfect lookalike). The agent on the other end knows your org chart from LinkedIn and adapts in real time.
1 in 7 SMBs hit by AI-tailored phishing in the last 12 months · ENISA 2025
Modern attacks don't bother with malware. Phish a single Entra ID session, use the OAuth token to enumerate the tenant, exfiltrate via Graph API, then pivot to SharePoint and Teams. Your EDR never fires — there's no endpoint involved.
62% of cloud incidents in 2025 involved zero endpoint malware · Microsoft Digital Defense
Threat actors compromise your IT provider's RMM tool (ConnectWise, Kaseya, N-able) and pivot into every customer of that MSP at once. The malicious script is signed, scheduled, and runs as SYSTEM. By the time the MSP notices, the ransomware is already deployed.
3 of the top 5 ransomware campaigns in 2025 originated via MSP RMM compromise · CISA
Video calls with "your auditor", "your bank's compliance officer", "your insurance broker" — using real-time deepfake video and voice over Zoom. The ask is almost always the same: a credential, an access grant, a one-time code.
$900M+ reported losses from deepfake-aided fraud in APAC alone · 2024-25
Public red-team frameworks repurposed for criminal use. We track every release and ship detections within days of public disclosure.
Every defensive capability mapped to the threat that drove it. Built in 2026 in response to what we saw, not in response to a marketing roadmap.
Field-level behavioural detection against an open, auditable rule set. ~9 macOS + ~14 Windows rules in production. Updated weekly.
One-click host quarantine. pf-based, IPv6-aware, with a Cloudflare CIDR allowlist so the host can still reach us for forensics. Reversible from the portal.
Every event joined against live hash and IP feeds. Free-tier feeds for SMBs; commercial Mandiant + Recorded Future on Keep and Citadel.
libyara, on-device. Every non-Apple-signed process scanned before it finishes spawning. Rule pack is Ed25519-signed; agent verifies before compile.
LaunchDaemon KeepAlive, watchdog heartbeat, tamper-attempt critical events. Attempting to kill the agent generates a critical incident with attacker process and command line.
Kill / quarantine / blocklist / isolate, queued automatically on critical detections. AI Guardian (latest frontier models) reads every incident in plain English and recommends action.
Read-only Ubuntu / RHEL agent, native GCC compliance overlays (NESA, ITDA, NCA), and full white-label partner-portal toolchain for regional SOCs.
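
Added example, not IronCastle's code or rule syntax: a minimal sketch of why field-level behavioural rules keep firing when a regenerated implant no longer matches yesterday's SHA256 blocklist. The rule format, field names and every sample event are constructed assumptions.

```python
import hashlib
import re

# Constructed stand-ins for two regenerated builds of one implant: same behaviour, different bytes.
BUILD_A = b"constructed sample build A"
BUILD_B = b"constructed sample build B"
HASH_BLOCKLIST = {hashlib.sha256(BUILD_A).hexdigest()}  # yesterday's indicator feed

# Hypothetical rule format (not the vendor's): every (field, operator, argument) must hold.
RULE = {
    "id": "example-unsigned-launchagent-write",
    "all": [
        ("signer", "equals", "unsigned"),
        ("parent_name", "regex", r"^(sh|bash|zsh|osascript)$"),
        ("file_write", "regex", r"/Library/LaunchAgents/[^/]+\.plist$"),
    ],
}
OPS = {
    "equals": lambda value, arg: value == arg,
    "regex": lambda value, arg: re.search(arg, value) is not None,
}

def event(build, image_path, signer, parent_name, file_write=None):
    """Build one constructed process event; the hash is derived from the build bytes."""
    fields = {"sha256": hashlib.sha256(build).hexdigest(), "image_path": image_path,
              "signer": signer, "parent_name": parent_name}
    if file_write is not None:
        fields["file_write"] = file_write
    return fields

def hash_match(ev):
    return ev["sha256"] in HASH_BLOCKLIST

def rule_match(ev, rule=RULE):
    # A missing field fails the condition, so sparse telemetry cannot match by accident.
    return all(field in ev and OPS[op](ev[field], arg) for field, op, arg in rule["all"])

EVENTS = [  # constructed telemetry
    event(BUILD_A, "/tmp/upd-a", "unsigned", "zsh", "/Users/u/Library/LaunchAgents/com.example.a.plist"),
    event(BUILD_B, "/tmp/upd-b", "unsigned", "bash", "/Users/u/Library/LaunchAgents/com.example.b.plist"),
    event(b"constructed signed app", "/Applications/Tool.app/Contents/MacOS/Tool", "Developer ID",
          "launchd", "/Users/u/Library/LaunchAgents/com.example.tool.plist"),
    event(BUILD_B, "/tmp/upd-b", "unsigned", "bash"),  # no file write observed
]

def triage(events=EVENTS):
    """Return (image_path, hash_hit, rule_hit) per event."""
    return [(ev["image_path"], hash_match(ev), rule_match(ev)) for ev in events]

if __name__ == "__main__":
    for row in triage():
        print(row)
```

The second event is the one that matters: the hash lookup misses the regenerated build, while the rule still matches on what the process did.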
Book a 30-minute walkthrough with a real engineer — not a sales lead. We'll show the live SOC, walk through your environment, and answer anything procurement needs.