In October 2025, cyber threats intensified as phishing campaigns and ransomware attacks exploited trusted cloud services, targeting corporate credentials and critical infrastructure. Attackers misused platforms like Google and Figma for credential theft, exemplified by a campaign mimicking Google Careers job offers that lured victims via fake application pages. This multi-step attack exploited brand trust to facilitate account takeovers and data exfiltration, heavily hitting the tech and consulting sectors.
Phishing was facilitated by groups like Storm-1747, employing services like Figma for embedding lures that bypassed email security. Likewise, the TyKit phishing kit, identified earlier in 2025 but escalating in October, utilized obfuscated JavaScript to target users with seemingly legitimate Microsoft 365 impersonation. Meanwhile, ransomware, specifically LockBit 5.0, broadened its impact across diverse operating systems including Linux and VMware ESXi, heightening risks for enterprises globally. Its enhanced obfuscation and rapid encryption capabilities disrupted entire data centers, complicating incident response efforts.
To combat these evolving threats, security teams are urged to implement phishing-resistant multi-factor authentication and monitor for suspicious domains. Behavioral detection and sandbox analysis are recommended, alongside developing response playbooks to prepare for future attacks, ensuring a proactive stance against the escalation of cloud service abuse by attackers.
👉 Pročitaj original: Cyber Security News
