X-Industry

While threat actors continue to rely on many “classic” tactics that have existed for decades, our threat predictions for the coming year largely focus on cybercriminals embracing bigger, bolder, and, from their perspectives, better attacks.  From Cybercrime-as-a-Service (CaaS) groups becoming more specialized to adversaries using sophisticated playbooks that combine both digital and physical threats, cybercriminals are upping the ante to execute more targeted and harmful attacks.

In its 2025 thr

Microsoft’s spokesman announced on 13 December 2023 the disruption of Storm-1152, a Cybercrime-as-a-Service (CaaS) ecosystem that created 750 million fraudulent Microsoft accounts supporting phishing, identity theft, and other schemes.  The CaaS is believed to have made millions of dollars in illicit revenue by creating fraudulent accounts for other cybercrime groups to use in phishing, spam, ransomware, Distributed Denial-of-service (DDoS), and other types of attacks.

See:  https://redskyallian

As information security professionals with over 20+ years in the business, we now see that if a bad actor wants to successfully scam someone online, all these hackers need is to have a basic level of software or networking skills.  Everyone now has the tools to enter this lucrative business; albeit in many cases: very illegal.  Malicious “phishers” of the past used poor graphics, poor grammar, misspellings and showed signs that English was not their first language.  Most often, businesspeople we