This report highlights major cybersecurity events in January 2025 across North America, including Group‑IB CERT’s identification of large‑scale impersonation schemes targeting U.S. marketplace brands and a potential link between Scattered Spider and the Black Basta ransomware group. Global trends include a new ransomware technique described by Halcyon, where an actor known as Codefinger uses stolen AWS credentials to encrypt Amazon S3 buckets through customer‑managed server‑side encryption. These developments underscore growing risks tied to cloud misconfigurations, credential theft, and increasingly sophisticated threat actor collaboration.

Join for free to read