STIX & TAXII Threat Intelligence: A Quick Guide
Among the various tools and frameworks available for cyber threat intelligence (CTI), STIX and TAXII stand out due to their robustness and interoperability. We present a quick guide to STIX (Structured Threat Information eXpression) and TAXII (Trusted Automated eXchange of Intelligence Information). These protocols facilitate systematic sharing, correlation, and management of cyber threat intelligence, and […]
Threat Spotlight: Data Extortion Ransomware: Key Trends in 2023
Ransomware Trends Overview As ransomware’s fundamental nature shifts from encryption to data exfiltration, organizations’ data backup and recovery practices no longer protect them from attacks. Over the course of the past few years, the cybercriminal landscape changed too. More and more criminal ransomware organizations are adopting “as-a-Service” business models on the dark web which open the […]
Cyber Threat Intelligence Frameworks: What You Need to Know
CTI represents a proactive and strategic approach to cybersecurity, providing organizations with the insights needed to identify and combat potential cyber threats. These CTI frameworks are evolving, adapting to the changing threat landscape and leveraging cutting-edge technologies to enhance their effectiveness. Understanding the Evolution of Cyber Threat Intelligence Frameworks The digital landscape is ever-evolving, with […]
Digital Brand Protection: Monitoring Your Brand Across the Clear & Dark Web
Whether it’s trademark infringement, counterfeit goods, data breaches, or damaging chatter in the dark corners of the internet, these threats can seriously undermine your brand’s integrity and bottom line. Vigilant and comprehensive digital brand protection strategies are an absolute necessity. Wherever it appears, your digital brand should remain secure, credible, and trustworthy. Understanding the Importance […]
Cyber Threat Analysis: A Quick Guide
The need for effective cyber threat analysis – a critical process that involves identifying, investigating, and evaluating potential threats to maintain the integrity of our digital environments, is integral to cybersecurity. For businesses harnessing the power of Software as a Service (SaaS) platforms, particularly those in the field of cyber threat intelligence, comprehending and implementing […]
Cyber Threat Exposure: Detection & Prevention Guide
At its core, cyber threat exposure management (CTEM) is the culmination of traditional vulnerability management, threat intelligence, and attack surface management. In the past, organizations focused on identifying and patching software vulnerabilities, often with a reactive approach. CTEM is focused on proactively identifying all types of high-risk exposure that could leave your organization at risk, […]
Threat Spotlight: Initial Access Brokers on Russian Hacking Forums
Russian Hacking Forum Trends Initial access brokers (IAB) are sophisticated, focused, and specialized threat actors that focus on finding and gaining access to corporate environments. Once they compromise these environments, they auction off or sell the access on dark web forums. To date in 2023, more than 100 companies across 18 industries had access to […]
Threat Spotlight: The Dark Web and AI
Executive Overview More than 200,000 credentials to AI language models are currently being sold on the dark web as part of stealer logs, files containing thousands of credentials derived from infostealer malware. This certainly raises the risk that employees will leak sensitive data into models, and then lose the credentials. However, we see even more […]
Threat Intelligence Analytics: Making the Most of Your CTI Program
The threat landscape has never been more challenging for CISOs and security teams than in 2023. Our research has found ransomware attacks have increased by more than 100% since 2022, hundreds of thousands of corporate credentials are being distributed on Telegram with SSO, active directory, and corporate SaaS application credentials, and initial access brokers (IAB) […]
Dark Web Analytics: Detecting Threats Across the Dark Web
The nebulous part of the internet: the dark web, which traditional search engines don’t index, serves as a hub for cybercriminal activity, ranging from illicit trade in stolen data to planning sophisticated cyberattacks. Dark web analytics can help organizations detect potential threats and enable them to proactively protect their digital ecosystem. There are a number […]