Security Professional, Cyber Intelligence Principal @Netskope, Creator of the Cyber Attacks Timelines @ http://hackmageddon.com. Posts are my own!
Against all odds, I continue to (not so) regularly update my blog hackmageddon.com. I have been quite busy lately, but hope to catch up during the Summer break.
In the meantime enjoy the 1-15 February 2025 #cyberattacks timeline
https://www.hackmageddon.com/2025/07/23/1-15-february-2025-cyber-attacks-timeline/
Netskope Threat Labs has discovered a campaign from the Silver Fox threat actor, using fake installers disguised as legitimate software, including WPS Office, Sogou, and DeepSeek, to deliver the Sainbox RAT and Hidden #rootkit to Chinese-speaker users.
https://www.netskope.com/blog/deepseek-deception-sainbox-rat-hidden-rootkit-delivery
The #cyberattacks timeline for January 2025 is out with 216 events dominated by #cybercrime. #Malware and #Ransomware led the attack techniques, and once again #phishing emails led the initial access vectors.
https://www.hackmageddon.com/2025/06/13/january-2025-cyber-attacks-statistics/
The @Netskope Threat Labs Report #Brazil 2025 is out! đ§đˇ
đ¨ī¸ #OneDrive most abused #cloud app for #malware
đ¨ī¸ #Microsoft most impersonated brand for #phishing
đ¨ī¸ 62% of policy violations concern regulated data
đ¨ī¸ 96% of organizations use #genAI apps
https://www.netskope.com/resources/threat-labs-reports/brazil-2025
The 16-30 January #cyberattacks timeline is out with 107 events and a #threat landscape dominated by #malware and #ransomware. #phishing emails continued to lead the initial access techniques.
https://www.hackmageddon.com/2025/06/04/16-30-january-cyber-attacks-timeline/
#Threat actors continue to exploit legitimate #cloud apps. In this campaign discovered by the Netskope Threat Labs, targeting Navy Federal Credit Union customers, #phishing pages are hosted on Glitch, and Telegram is abused to exfiltrate credentials and bypass MFA.
The @Netskope Threat Labs for Europe 2025 đĒđē is out!
đŠī¸ #GitHub is the top #cloud app for #malware downloads (16%)
đŠī¸ Adobe is the most impersonated brand for #phishing (29%)
đŠī¸ 57% of #DLP violations concern regulated data
đŠī¸ 91% of orgs use #GenAI apps
https://www.netskope.com/resources/threat-labs-reports/europe-2025
One of the most surprising trends from the Netskope Cloud and Threat Report 2025 is that #GitHub has surpassed Microsoft #OneDrive as the most exploited #cloud app for delivering #malware.
I summarised the findings in a blog post for Infosec Magazine.
https://www.infosecurity-magazine.com/opinions/current-cloud-threat-landscape/
The Netskope Threat Labs Report for #Healthcare 2025 is out!
âī¸ 13% of #malware downloads come from GitHub
âī¸ 88% of organizations use #genAI apps
âī¸ #ChatGPT is the most used app with 81%
âī¸ 81% of data policy violations are related to regulated data
https://www.netskope.com/resources/threat-labs-reports/threat-labs-report-healthcare-2025
The 1-15 January 2025 #cyberattacks timeline is out!
đ #cybercrime dominated the #threat landscape
đ #malware was the top attack vector the #threat landscape
đ #phishing emails were the main initial access vector.
https://www.hackmageddon.com/2025/05/06/1-15-january-2025-cyber-attacks-timeline/
The #cyberattacks statistics for Q4 2024 are out!
đ #Cybercrime accounted for 70% of the events
đ #Malware continued to lead the Attack Techniques chart with 28%
đ #Phishing led the Initial Attack Vectors with 17%
https://www.hackmageddon.com/2025/04/24/q4-2024-cyber-attacks-statistics/
The #cyberattacks statistics for December 2024 are out! (Better late than never...).
đ #Cybercrime continued to lead the Motivations
đ #Malware led the Attack Techniques
đ #Phishing Emails led the Initial Access
https://hackmageddon.com/2025/04/22/december-2024-cyber-attacks-statistics/
And finally the last #cyberattacks timeline for 2024 is out! (December H2 - I know I am a little late!). #Malware continued to dominate the #threat landscape and #phishing was, once again, the preferred method for initial access.
https://www.hackmageddon.com/2025/04/18/16-31-december-2024-cyber-attacks-timeline/
The 1-15 December 2024 #cyberattacks timeline is out with 115 events and a #threat landscape dominated by #malware. #Cybercrime continues to be the main motivation, and #phishing the main initial access vector.
https://www.hackmageddon.com/2025/04/04/1-15-december-2024-cyber-attacks-timeline/
The new Netskope Threat Labs research reveals a 30x growth in data sent to #genAI apps by enterprise users in the last year, increasing volume of sensitive data exposure. Some highlights:
âī¸ 30x increase in the amount of data sent to genAI apps
âī¸ 90% of organizations use genAI apps
âī¸ 98% of organizations use apps that incorporate genAI features
âī¸ 72% of genAI apps are Shadow IT
Read the 2025 Generative AI Cloud and Threat Report for top trends.
https://www.netskope.com/netskope-threat-labs/cloud-threat-report/generative-ai-2025
The Netskope #Threat Labs Report #Financial Services 2025 is out!
âī¸ 4.7 out of 1000 users click on #phishing links monthly
âī¸ 40% of phishing targets #cloud applications
âī¸ 20% of #malware downloads come from #GitHub
âī¸ 95% of organizations use #genAI, with an average of 10 applications
https://www.netskope.com/resources/threat-labs-reports/threat-labs-report-financial-services-2025
The #cyberattacks statistics for November 2024 are out with 245 events characterized primarily by #cybercrime (72%) and #malware attacks (26.8%). #Phishing continued to be the main initial access vector (14.9%)
https://www.hackmageddon.com/2025/03/05/november-2024-cyber-attacks-statistics/
đ¨ SEO poisoning and fake CAPTCHAs are here to stay! Netskope Threat Labs found that attackers have been distributing malicious PDFs across 260+ domains and 4,000+ keywords to steal credit card data and deliver the Lumma Stealer #malware
The 16-30 November 2024 #cyberattacks is out with 117 events! #Malware continued to dominate the #threat landscape, and #phishing emails confirmed to be the main initial access vector.
https://hackmageddon.com/2025/02/27/16-30-november-2024-cyber-attacks-timeline/
Yet another interesting #malware strain unearthed by our Netskope Threat Labs: Telegram is being abused as command and control for a new Golang #backdoor, possibly of Russian origin. #cloudsecurity https://www.netskope.com/blog/telegram-abused-as-c2-channel-for-new-golang-backdoor