DeepSeek’s top-ranked AI app is restricting sign-ups due to ‘malicious attacks’
After surging to the top of Apple’s App Store charts in the US, DeepSeek’s AI Assistant is now restricting new user sign-ups. According to an incident report page, registrations are being temporarily limited “due to large-scale malicious attacks on DeepSeek’s services,” though it’s unclear how these limitations are being applied. “Existing users can log in as usual,” DeepSeek said in its update. “Thanks for your understanding and support.” An alert banner on the DeepSeek web sign-up page says that “registration may be busy,” rather than entirely restricted, however, and encourages users to wait and “try again” if their application is unsuccessful.
Microsoft Teams phishing attack alerts coming to everyone next month
Microsoft reminded Microsoft 365 admins that its new brand impersonation protection feature for Teams Chat will be available for all customers by mid-February 2025. Once enabled, it will display alerts when detecting phishing attacks targeting organizations that have enabled external Teams access (which allows threat actors to message any user from external domains). The company first announced that it was working on defenses against Teams brand impersonation in late October 2024 (when it added this initiative to the Microsoft 365 roadmap), and it began rolling it out to users almost one month later, in mid-November.
Google takes action after coder reports ‘most sophisticated attack I’ve ever seen’
Google says it’s now hardening defenses against a sophisticated account takeover scam documented by a programmer last week. Zach Latta, founder of Hack Club, told of how close he was to succumbing to voice phishers who attempted to take over his Google account. He said: “Someone just tried the most sophisticated phishing attack I’ve ever seen. I almost fell for it. My mind is a little blown.” The scammers called Latta, who’s based in Vermont, USA, claiming the Google Workspace team spotted an unusual login attempt from Frankfurt and that he needed to reset his account password.
EU Sanctions Three Russians For 2020 Cyber-Attack on Estonia
Three Russian nationals have been sanctioned by the EU for their involvement in a 2020 cyber espionage operation targeting Estonian government agencies. In a document published on January 27, 2025, the Council of the EU imposed restrictive measures against Nikolay Korchagin, Vitaly Shevchenko and Yuriy Denisov. As members of the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (aka Unit 29155), the three Russians are accused of being responsible for “cyber-attacks with a significant effect by conducting intelligence activities directed against Estonia and gaining access to a computer system illegally.”
GoDaddy’s Cybersecurity Called into Question
The Federal Trade Commission (FTC) has filed a complaint that GoDaddy has violated Section 5 of the FTC Act pertaining to “unfair methods of competition” through “unfair or deceptive acts or practices.” The complaint details how GoDaddy’s failure to implement standard security tools and practices for protecting the environment where it hosts customers’ websites and data, coupled with the insufficient monitoring of said environment for security threats, contradicted their promotional claim to be a secure option for hosting.
