Core Insights - The 2025 Global Threat Landscape Report from FortiGuard Labs indicates a significant rise in Cybercrime-as-a-Service on the darknet, leading to a booming market for credentials, exploits, and access [1][2] Group 1: Cybercrime Trends - Automated scanning has reached record highs, with a 16.7% year-over-year increase in 2024, resulting in 36,000 scans per second globally [3] - Darknet marketplaces have become sophisticated, with a 39% increase in new vulnerabilities added to the National Vulnerability Database, totaling over 40,000 in 2024 [3] - AI is being leveraged by cybercriminals to enhance phishing attacks and evade security measures, with tools like FraudGPT and BlackmailerV3 becoming more prevalent [3] Group 2: Targeted Sectors - Critical sectors such as manufacturing (17%), business services (11%), and healthcare are experiencing a surge in tailored cyberattacks, with the United States being the most targeted country at 61% [3] - Cloud security risks are escalating, with 70% of incidents involving logins from unfamiliar geographies, emphasizing the need for identity monitoring [3] Group 3: Credential Theft - Over 100 billion compromised records were shared on underground forums in 2024, marking a 42% increase, largely due to the rise of "combo lists" containing stolen credentials [3] - Prominent cybercriminal groups like BestCombo and ValidMail are actively lowering the barrier to entry for cybercrime by packaging and validating stolen credentials [3] Group 4: Recommendations for Cybersecurity - The report provides actionable insights for CISOs, emphasizing the need for a proactive, intelligence-led defense strategy that incorporates AI and continuous threat exposure management [4][5] - Strategies include continuous attack surface management, real-world emulation of adversary behavior, and leveraging dark web intelligence to preemptively mitigate threats [8]