Flare delivered a 321% ROI according to Forrester Research
Read the Report
Free Trial
Book a Demo
Get Full Access

Tag: CTI Strategies

5 Things to Know About Defending Against Phishing Kits (as Shown by John Hammond)

Phishing kits are credential-harvesting operations that are cleverly disguised as standard web pages from Microsoft, Instagram, PayPal, and more. They can steal information from victims, then exfiltrate it to Discord or Telegram. They are unfortunately dangerously effective and widely available, but with the right knowledge, security teams can take advantage of them as intelligence assets.  […]

3 Benefits to Consider for the ROI of a Threat Intelligence Solution

Finding the right threat intelligence tool for a security team or organization can be challenging. Security teams would like to act on external threats with confidence and speed and their tooling should enable that. However, common pain points include that practitioners are dissatisfied with the level of intelligence or services provided, and what they’re paying […]

4 Things You Didn’t Know About Telegram Cybercrime (Until John Hammond Showed You)

Stolen credentials fuel a big portion of the cybercrime ecosystem. So how are threat actors stealing them? Infostealer malware has exploded in growth in the last few years, and they can steal information saved on computer browsers such as: Stealer logs are the results of infostealer malware taking data from computers. Threat actors buy and […]

5 Questions On OPSEC Fundamentals

Surveillance is everywhere and ingrained in our society. While privacy is a human right, we live in an era of Operational Security (OPSEC) and privacy fatigue. The technologies we use everyday collect more and more information, making many people feel hopeless about having control over their information. From painful opt-out processes to the integration of […]

6 Things to Know About Improving Threat Intelligence Collection

Flare recently hosted our first Threat Intel Workshop with Senior Threat Intelligence Researcher Tammy Harper. Below are some of the questions Tammy covered in improving threat intelligence collection practices. 1. How does the disruption to Telegram affect threat actors? After the arrest of Telegram CEO in August 2024, the messaging platform that has been popular […]

Red Teaming the Modern Attack Landscape

Navy background with lines in the corner with the white text "Red Teaming the Modern Attack Landscape" over it on the left side of the image. To the right is a desktop monitor and a laptop, with 2 peoples' hands pointing at the screens.

In today’s expanded attack surface, new technologies create new opportunities for businesses and malicious actors. Attackers can use the same artificial intelligence (AI) and large language models (LLMs) that companies use, often in the same way. In both cases, these technologies reduce the time spent on repetitive, manual tasks. For example, organizations may use LLMs, […]

Using CTI to Help Predict Vulnerability Exploitability

Gradient blue background. There is a light orange oval with the white text "BLOG" inside of it. Below it there's white text: "Using CTI to Help Predict Vulnerability" with a light orange arrow pointing down.

In a world of increasingly powerful data analytics, security researchers continue to develop new uses for artificial intelligence (AI) and machine learning (ML). In security, predictive analytics offer insight into how a company should prioritize its activities. With more vulnerabilities detected daily, vulnerability management teams become overwhelmed, unable to patch or remediate everything all at […]

Supply Chain Security and NIS2: What You Need to Know

Gradient blue background. There is a light orange oval with the white text "BLOG" inside of it. Below it there's white text: "Supply Chain Security and NIS2: What You Need to Know." There is white text underneath that which says "Learn More" with a light orange arrow pointing down.

The Network Information Systems Directive (NIS2) and its predecessor NIS focus on risk management for organizations. The EU states that the NIS is the first piece of EU-wide legislation on cybersecurity with the goal of achieving a high common level of cybersecurity across the member states. The NIS2 will be quite impactful, especially as it […]

Third-Party Cybersecurity Risk Management

Gradient blue background. There is a light orange oval with the white text "BLOG" inside of it. Below it there's white text: "Third-Party Cybersecurity Risk Management: A Short Guide for 2024." There is white text underneath that which says "Learn More" with a light orange arrow pointing down.

Third-parties are an important part of your extended enterprise. They’re your vendors, your partners, and your suppliers. They provide some of your business’s most critical services: billing, data storage, or sales. Unfortunately, vendors and suppliers also come along with significant third party cybersecurity risk. Early in January, Gartner named third-party risk cyber management (TPCRM) a […]

NIS2 Compliance: Updated for 2024,  Complete Guide

Gradient blue background. There is a light orange oval with the white text "BLOG" inside of it. Below it there's white text: "NIS2 Compliance: Updated for 2024, Complete Guide" There is white text underneath that which says "Learn More" with a light orange arrow pointing down.

The Network Information Systems Directive (NIS) was published in 2016 and required EU critical infrastructure sectors to meet basic cybersecurity compliance requirements. In October 2024 the second iteration of the Network Information Systems Directive (NIS2) will be going into effect, which will both substantially expand the number of entities required to be compliant in addition […]

Flare logo
Free Trial
Get Full Access
Log in