In a different approach, North Korean hackers used social engineering to infiltrate companies
by posing as remote workers. After passing interviews, they were sent laptops, which they used
to exfiltrate data and extort the companies. U.S. authorities identified two North Korean-run
companies with 130 workers involved in this scam.[7]

Not all attacks in 2024 involved significant sophistication. For example, the ransomware group
Clop, known for targeting file-sharing providers, struck again in late 2024. This time, two
zero-day vulnerabilities in Cleo, a secure file-sharing company, were exploited, compromising 66
victims in the process.[8]

Another third-party attack that resulted in numerous victims was the one on data cloud
provider Snowflake. The victims in this case included some big names such as Ticketmaster,
Santander, Advance Auto Parts and more. The attack took place after a group of hackers (two of
whom have since been arrested) obtained credentials stolen by an infostealer and used them to
access clients' environments, which lacked other security measures such as MFA.[9]

The Impact of Law Enforcement
While 2024 saw numerous notable attacks, there were also significant positive trends in
combatting cyberthreats. Ransomware payments dropped by 35% due to increased law
enforcement efforts.[10] Law enforcement also made strides in combatting infostealers. On
October 28, 2024, a Dutch-led operation took down the infrastructure of two major infostealers,
Redline and Meta, seizing over 1,200 servers across multiple countries and arresting several
individuals.[11]

Another significant successful operation took place on May 15, 2024, when the FBI took down
BreachForums, a prominent cybercrime forum and predecessor to RaidForums, which had
been shut down two years prior. Two administrators, Baphomet and ShinyHunters, were also
arrested.[12]

These victories highlight the ongoing efforts of law enforcement and cyber professionals in the
fight against cybercrime. However, the battle continues to intensify, with cybercriminals,
nation-state hackers and hacktivists evolving their tactics. The lines between these threat
actors are blurring, as both methods and attack volumes grow.