Training: Cybercrime Persona Theory & Group Infiltration
Sign Up
Free Trial
Book a Demo
Get Full Access

Tag: Dark Web Insider

LockBit’s Conversation on XSS Forum with an Initial Access Broker

Gradient blue background. There is a light orange oval with the white text "BLOG" inside of it. Below it there's white text: "LockBit's Conversation on XSS Forum with an Initial Access Broker" with a light orange arrow pointing down.

In February of 2024, admins of the Russian hacking forum XSS banned the primary LockBit account active on the forum. The ban was the result of a dispute between LockBit, and an initial access broker operating under the username “aa.”  The following is a conversation between AA and LockBit, posted on XSS as aa sought […]

Threat Spotlight: Data Extortion Ransomware Threats

A navy background with the white text "Data Extortion Ransomware Threats"

Over the last few years, the ransomware landscape has changed significantly. Between 2022 and 2023, ransomware attacks increased by more than 100% year-over-year, with more attacks consisting of double and triple extortion. At a high level, the categories of ransomware can be defined as: Modern ransomware attacks are no longer a lone individual sitting at […]

Implement Continuous Threat Exposure Management: A Quick Guide for 2024

Gradient blue background. There is a light orange oval with the white text "BLOG" inside of it. Below it there's white text: "Implement Continuous Threat Exposure Management." There is white text underneath that which says "Learn More" with a light orange arrow pointing down.

This year, Gartner named “Continuous Threat Exposure Management (CTEM)” as one of the top trends for Optimizing for Resilience. This is a response to increasing attack surfaces and thus cybercrime, and is the approach that best suits the evolving threat landscape. Organizations’ attack surfaces have exponentially increased over the past few years largely due to […]

Modern Cyber Warfare: Crowdsourced DDoS Attacks

Gradient blue background. There is a light orange oval with the white text "BLOG" inside of it. Below it there's white text: "Modern Cyber Warfare: Crowdsourced DDoS Attacks." There is white text underneath that which says "Learn More" with a light orange arrow pointing down.

Over the past few years, politically motivated threat actors have increasingly gone online to find allies for their causes. While ten years ago most hactivism like this was anonymous, modern actors favoring certain political elements or governments leverage a broader ecosystem. Since Distributed Denial of Service (DDoS) attacks require little technical skill, they offer a […]

Initial Access Broker Landscape in NATO Member States on Exploit Forum

Gradient blue background. There is a light orange oval with the white text "BLOG" inside of it. Below it there's white text: "Initial Access Broker Landscape in NATO Member States on Exploit Forum." There is white text underneath that which says "Learn More" with a light orange arrow pointing down.

Initial access brokers (IABs) gain unauthorized access to the system then sell this access to other malicious actors. Based on a large sample of IAB posts on the Russian-language hacking forum Exploit.in (Exploit), IABs increasingly target entities within NATO member states, with research revealing recent activity in 21 of 31 countries. Additionally, access to organizations […]

Threat Spotlight: New Frontier of AI Exploits

A navy background with the white text "New Frontier of AI Exploits."

As machine learning (ML) and artificial intelligence (AI) become increasingly complex, they pose new possibilities for organizations and threat actors. Over the last fifteen years, neural networks and deep learning technologies have evolved at a rapid pace. Over the past four years, from the release of GPT1 through today’s GPT4, AI models have evolved from […]

Threat Spotlight: Data Extortion Ransomware: Key Trends in 2023

data extortion ransomware key trends in 2023

Ransomware Trends Overview As ransomware’s fundamental nature shifts from encryption to data exfiltration, organizations’ data backup and recovery practices no longer protect them from attacks. Over the course of the past few years, the cybercriminal landscape changed too. More and more criminal ransomware organizations are adopting “as-a-Service” business models on the dark web which open the […]

Threat Spotlight: Initial Access Brokers on Russian Hacking Forums

A navy background with the white text in all caps "Initial Access Brokers on Russian Hacking Forums."

Russian Hacking Forum Trends Initial access brokers (IAB) are sophisticated, focused, and specialized threat actors that focus on finding and gaining access to corporate environments. Once they compromise these environments, they auction off or sell the access on dark web forums.  To date in 2023, more than 100 companies across 18 industries had access to […]

Threat Spotlight: The Dark Web and AI

A navy background with the white text in all caps "The Dark Web and AI."

Executive Overview More than 200,000 credentials to AI language models are currently being sold on the dark web as part of stealer logs, files containing thousands of credentials derived from infostealer malware. This certainly raises the risk that employees will leak sensitive data into models, and then lose the credentials. However, we see even more […]

Threat Spotlight: Stealer Logs & Corporate Access

A navy background with the white text in all caps "Stealer Logs & Corporate Access."

Executive Overview Over the last three years, infostealer malware variants have become a “popular trend” in the cybercriminal Malware-as-a-Service (MaaS) ecosystem. Doing precisely as their category implies, these malware variants steal information from users’ devices. After infecting the device, the malware employs various techniques to remain undetected while sending data to the malicious actors’ command […]

4.9

“What used to take about 1500 hours to complete can now be done in 1 week. Flare allows me to empower junior analysts to do dark web investigations that were previously impossible, hence liberating bandwidth.

Senior Security Specialist at a MSSP

4.9

“Other solutions would present us with thousands of potential leaks which were impossible to work with for our small team, Flare was the only one that could successfully filter and prioritize data leaks with their 5-point scoring system.”

CTI Director at a Major North American Bank

4.9

“Flare enables us to react quickly when threats are publicized. It helps us protect our brand and financial resources from data breaches.”

CISO in a Major North American Bank

4.9

“We audited dozens of different solutions and Flare was the only one making CTI easy and understandable for all, with the right data.”

Senior Advisor at an IT Services Industry

Start your free trial today

Experience Flare for yourself and see why Flare is used by organization’s including federal law enforcement, Fortune 50, financial institutions, and software startups.

START FREE TRIAL
Flare logo
Get a Demo
Free Trial
Linkedin Twitter Facebook Youtube
Copyright 2025 Flare Systems, Inc.
1751 Rue Richardson, Unit 3.108, Montreal, Quebec, H3K 1G6, Canada

Flare HQ

soc 2 cybersecurity company
Flare logo
Free Trial
Get Full Access
Log in