Phishing campaign impersonates PayPal, PLAYFULGHOST malware spreads via phishing and SEO poisoning, and the new NonEuclid RAT gains traction.

In today’s interconnected world, supply chains are essential for nearly every product and service. Yet, this interconnectedness comes with vulnerabilities. In fact, 41% of organizations that suffered material impacts from a cyberattack in 2023 report that those cyberattacks originated from a third party, according to the 2024 Global Cybersecurity Outlook by the World Economic Forum. What supply chain security issues might your organization face?

Financial organizations across Europe are actively preparing for the Digital Operational Resilience Act (DORA), taking effect in January 2025. Meeting DORA compliance requirements has become essential for financial institutions as they adjust their operations to match new regulatory standards. The legislation brings substantial changes to information and communication technology (ICT) risk management practices, security protocols, and third-party oversight.

On January 9, the SecurityScorecard STRIKE team uncovered Operation 99, a cyberattack by the Lazarus Group, North Korea’s state-sponsored hacking unit. This campaign targets software developers looking for freelance Web3 and cryptocurrency work. If you thought fake job offers from the group’s Operation Dream Job campaign were bad, this latest move is a masterclass in deception, sophistication, and malicious intent. Here’s why Operation 99 demands your attention.

Insider threats are among the most elusive and damaging forms of cybersecurity risk. According to the Ponemon Institute, 71% of organizations experienced between 21 and 41 insider incidents in 2023, up 67% over the previous year. The average annual cost of insider threats also climbed to $16.2 million per organization, the report found.

Many organizations across critical industries such as healthcare, manufacturing and energy rely on legacy Windows operating systems to run essential equipment. These systems, while operationally vital, are notoriously difficult and costly to upgrade — leaving them vulnerable to modern cyber threats. CrowdStrike is addressing this challenge by expanding our legacy support with the general availability of CrowdStrike Falcon for Legacy Systems.

On January 14, 2025, Fortinet published a security advisory for CVE-2024-55591, an authentication bypass using an alternate path or channel vulnerability in FortiOS and FortiProxy. A remote threat actor can craft requests to the Node.js websocket module to gain super-admin privileges.

In the spring of 2024, the FBI warned U.S citizens of a spear phishing campaign by state-sponsored North Korean threat actors.

Japan’s National Police Agency (NPA) has attributed more than 200 cyber incidents over the past five years to the China-aligned threat actor “MirrorFace,” Infosecurity Magazine reports.