New phishing threats, MOVEit resurfaces, 2025 predictions & more | December Security Roundup

From monumental data leaks to new insights into how the cyber underground operates, 2024 has been busy for SpyCloud and security practitioners everywhere.

In our final security recap of the year, we cover the latest news, revisit big events from the year, and spend a little time musing over industry predictions for 2025. Keep reading for our analysis of:

• Recent events like the charges against members of Scattered Spider, the recirculation of old MOVEit data, and the Andrew Tate “The Real World” hack
• New cybercrime trends like a phishing campaign that leverages Google Docs and Weebly and a sneaky new – still unidentified – infostealer targeting macOS devices
• Implications from the big headlines of the year, like the MOAB and National Public Data breaches
• What’s to come in 2025, and how to be thinking about what to prioritize come January

Read this month's security recap>>

And if we don’t talk to you between now and then, we’re wishing you and yours very happy holidays and a safe, secure New Year!

Oh, and here’s a last minute gift guide if you haven’t finished your shopping yet.

Other Trending Topics

China’s Surveillance State Is Selling Citizen Data as a Side Hustle

SpyCloud’s in-house security research team, SpyCloud Labs, have been digging into the growing – and often not well-understood by Western defenders – Chinese cybercrime ecosystem to better understand the unique TTPs used by these bad actors.

They have unearthed how data on individuals inside (and outside) of China is available as part of a larger “grey market” enabled by corruption and an overly large surveillance apparatus.

Learn more about their findings from their exclusive sit down with WIRED reporter, Andy Greenberg.

Product Updates

Scan & Remediate Password Exposures in Just 15 Minutes with Active Directory Guardian

SpyCloud’s Active Directory Guardian now provides an ever faster way to prevent identity threats, automatically scanning and remediating exposed credentials in as little as 15 minutes.

Detect and Remediate Infostealer Malware Faster with SpyCloud + Your EDR

SpyCloud’s latest integrations with CrowdStrike Falcon EDR & Microsoft Defender for Endpoints detects if any malware-infected devices match your environment, and automatically quarantines the device.

In Case You Missed It...

Journey to the Underground: Insights Into What's Fueling Ransomware

Learn about the findings from SpyCloud’s 2024 Malware and Ransomware Defense Report and tips to ensure you’re staying ahead of emerging cyberthreats.

3 Workflows To Combat Rising Identity Threats with SpyCloud + Your SOAR

Discover the benefits of integrating SpyCloud’s data with your SOAR platform – including Tines, Microsoft Sentinel, Palo Alto Cortex XSOAR, and more – to help you detect and remediate compromised employee identities.

In Other News

Threads users find strings of credit card details

SpyCloud Labs discusses how social media platforms, like Threads and Reddit, are becoming more popular for cybercriminals.

What Do Criminals Know About Your Organization?

Ignorance is not bliss. Know immediately if your domain has malware-siphoned data circulating in the criminal underground with a simple search.

Check Now >>