Initial Access Broker Landscape in NATO Member States on Exploit Forum


by Eric Clay and Zaid Osta. This report conducts a case study on a large sample of initial access broker (IAB) posts on the Russian-language hacking forum (hereinafter referred to as “Exploit”), targeting critical infrastructure in NATO member states across Europe and North America. We first examine the anatomy of typical IAB posts and […]

Dark Web Drama: LockBit and the AN Security Breach Saga

by Tammy Harper (CYPFER) & Eric Clay (Flare). Background: An out-of-place data leak appears. The dark web is no stranger to drama. Threat groups often collude, fight, and attempt to expose each other. This past week witnessed a notable example of such conflict, involving a confrontation between the LockBit ransomware group and a threat actor […]

Crowdsourced DDoS Attacks Amid Geopolitical Events

by Zaid Osta, CTI Analyst. This report explores the rising trend of crowdsourced distributed denial-of-service (DDoS) attacks within the context of recent geopolitical events, examining case studies from the ongoing Russia-Ukraine and Israel-Hamas conflicts. Introduction: DDoS attacks involve a large network of devices or compromised systems, often known […]

The Cybercrime Ecosystem and U.S. Healthcare in 2023

By: Eric Clay, Security Researcher. Introduction: Analyzing Cybercrime Targeting the Healthcare Sector. The cybercrime ecosystem continues to reach new heights of organization, coordination, and sophistication. Every year, cybercriminals develop and use new tools, which are increasingly commoditized and sold in as-a-service business models. The rapid advancement in cybercrime poses significant challenges for […]

Report – Data Extortion Ransomware & The Cybercrime Supply Chain: Key Trends in 2023

In the past few years, threat actors have escalated ransomware from jeopardizing only the availability of data to also threatening its confidentiality. This report will delve into the growing trend of data extortion in ransomware, analyzing data from numerous such attacks to understand changing trends, major threat actors, and affected industries. We aim to equip […]

Report – Stealer Logs, Single Sign On, and the New Era of Corporate Cybercrime

Introduction: How many credentials do you have saved in your browser? How many form fills? How many credit cards? These may seem like innocuous questions, but the advent of infostealer malware makes them all too relevant. Infostealer variants such as RedLine, Raccoon, and Vidar infect computers and steal the browser fingerprint, which contains all of […]

Report – The Legal Cyberthreat Landscape

Ransomware attacks have increased by more than 100% across all industries from 2022 to 2023. The legal sector is especially at risk due to the sensitive nature of information that law firms hold.  Our research into how at-risk law firms are with two primary measures: Learn more about changes to legal risk over time and […]

Report – Stealer Logs & Corporate Access

There’s been a surge of infostealer malware variants such as RedLine, Aurora, Raccoon, Vidar, and more, over the last few years. As the name suggests, this type of malware steals information from the devices it infects. To better understand the threat of infostealer malware, we analyzed trends of 19.6 million stealer logs such as: […]

Report – The Typology of Illicit Telegram Channels

Threat actors always seek out new ways to carry out their cybercrimes more easily and cheaply. Previously, cybercriminals flocked to the dark and deep web, but instant messaging platforms like Telegram are gaining traction. Illicit Telegram channels are a growing issue, as threat actors see them as more anonymous and secure areas for communication. Read […]