Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This Valentine’s Day, Cupid wasn’t the only one taking aim. Our Threat Research team noted a 34.8% increase on Valentine-related threat traffic in comparison to February of 2024. Leveraging impersonation and social engineering techniques, attackers have used a seasonal event to exploit heightened emotions and a sense of urgency, effectively increasing the likelihood of success in their phishing campaigns.

Data theft extortion attacks increased by 46% in the fourth quarter of 2024, according to a new report from Nuspire. These incidents have become a routine part of ransomware attacks, since the threat of a data breach puts additional pressure on victims to pay the ransom. Ransomware gangs published stolen data on leak sites more than 2,200 times during Q4 2024. The finance and insurance industry saw the sharpest rise in data theft extortion last quarter.

SentinelOne warns that a phishing campaign is targeting high-profile X accounts, including those belonging to US political figures, leading journalists, major technology companies, cryptocurrency organizations, and owners of coveted usernames. “SentinelLABS’ analysis links this activity to a similar operation from last year that successfully compromised multiple accounts to spread scam content with financial objectives,” the researchers write.

Check Point warns that a large-scale phishing campaign is targeting Facebook accounts with phony copyright infringement notices. The phishing emails have targeted more than 12,000 email addresses at hundreds of companies. Nearly all of the emails targeted individuals in the US, the EU, and Australia, though the researchers also observed some phishing templates written in Chinese and Arabic.

Dr. Martin J. Kraemer discusses learning from The Word Economics Forum Cybersecurity Outlook 2025 report Last year, the British multinational corporation Arup lost about 20 million pounds after falling victim to a deepfake scam. A finance worker in their Hong Kong office carried out 15 transactions to seven different bank accounts after joining an online meeting, during which urgent financial requirements were discussed among senior leadership.

2024 saw the highest-ever amount of ransomware attacks, according to a new report from NCC Group. There were 5,263 observed ransomware incidents last year, with the LockBit gang accounting for ten percent (526) of these attacks. RansomHub was the second most active group, accounting for 501 attacks. Notably, the industrial sector was the most commonly targeted, accounting for 27% of ransomware attacks in 2024 (a 15% increase from 2023).

Scammers are taking advantage of the newfound popularity of the China-based AI app DeepSeek, according to researchers at ESET. DeepSeek released its generative AI tool last month, and it’s since overtaken ChatGPT as the top free app in Apple’s App Store. Users are now spotting lookalike domains designed to deliver malware or steal information. Other scams offer users the opportunity to buy phony stocks in DeepSeek.

In the bustling world of 1960s Madison Avenue, a young advertising executive named Lester Wunderman was about to revolutionize the industry. Wunderman, often called the father of direct marketing, had a simple yet profound insight: personalization was the key to capturing attention and driving action. Wunderman's breakthrough came when he created the Columbia Record Club, a mail-order service that tailored its offerings based on each member's past purchases and preferences. The results were staggering.

The rise of agentic AI tools will transform the cybercrime landscape, according to a new report from Malwarebytes. Agentic AI—which is still under development—is a step above the generative AI tools that are currently available to the public, and will likely be widely released in 2025. While these tools will have many legitimate uses, they’ll also enable cybercriminals to scale their attacks.

A KnowBe4 Threat Lab publication Authors: Daniel Netto, Jeewan Singh Jalal, Anand Bodke, and Martin Kraemer Executive Summary Attackers exploit redirects that lack safeguarding mechanisms to borrow the domain reputation of the redirect service, obfuscate the actual destination and exploit trust in known sources. Whitelisting URLs, only allowing a predefined set of URLs to be rewritten, is an effective countermeasures against the vulnerability on the server side.