Cybercrime Current Events: Background Check Organization Breach, a Repossessed Ransomware Blog, Feuding Forums, and Double Arrest of “J.P. Morgan”
There’s so much to keep up with in the world of cybercrime…especially for security practitioners. Leaky Weekly is a bi-weekly podcast hosted by security researcher Nick Ascoli as he dives into the most pressing stories on data leaks, cybercrime, and the dark web in the last week or so. On ... Read More
Launching Leaky Weekly with Flare, Cybercrime Current Events Podcast
There’s so much to keep up with in the world of cybercrime…especially for security practitioners. Leaky Weekly is a bi-weekly podcast hosted by security researcher Nick Ascoli as he dives into the most pressing stories on data leaks, cybercrime, and the dark web in the last week or so. Tune ... Read More
ShapeUp at Flare: A Game-Changer for Project Management
By Benoit Doyon, Software Development Team Lead I first encountered ShapeUp during one of my initial interviews for a position at Flare. My soon-to-be manager mentioned, “We’re using a methodology that works well for us, but you might not have heard of it before.” With over 10 years of software ... Read More
Red Teaming the Modern Attack Landscape
In today’s expanded attack surface, new technologies create new opportunities for businesses and malicious actors. Attackers can use the same artificial intelligence (AI) and large language models (LLMs) that companies use, often in the same way. In both cases, these technologies reduce the time spent on repetitive, manual tasks. For ... Read More
Using CTI to Help Predict Vulnerability Exploitability
In a world of increasingly powerful data analytics, security researchers continue to develop new uses for artificial intelligence (AI) and machine learning (ML). In security, predictive analytics offer insight into how a company should prioritize its activities. With more vulnerabilities detected daily, vulnerability management teams become overwhelmed, unable to patch ... Read More
AlphaLock, Threat Actor Branding, and the World of Cybercrime Marketing
Threat actors are not a monolith in their approach to cybercrime. The popular perception is that threat actors steal information for the sake of it, while knowing and accepting that they are doing something wrong. However, some threat actors also justify their actions by promoting an image that their activity ... Read More
Ransomware in Context: 2024, A Year of Tumultuous Change
2024 has started off dramatic shifts in the ransomware landscape. In December of 2023 international law enforcement took down the BlackCat leaks site, leading to the group removing all ethical restrictions for their affiliates and declaring all organizations in Western Europe and the United States viable targets to include nuclear ... Read More
LockBit’s Conversation on XSS Forum with an Initial Access Broker
In February of 2024, admins of the Russian hacking forum XSS banned the primary LockBit account active on the forum. The ban was the result of a dispute between LockBit, and an initial access broker operating under the username “aa.” The following is a conversation between AA and LockBit, posted ... Read More
Threat Spotlight: Data Extortion Ransomware Threats
Over the last few years, the ransomware landscape has changed significantly. Between 2022 and 2023, ransomware attacks increased by more than 100% year-over-year, with more attacks consisting of double and triple extortion. At a high level, the categories of ransomware can be defined as: Modern ransomware attacks are no longer ... Read More
Initial Access Broker Landscape in NATO Member States on Exploit Forum
Initial access brokers (IABs) gain unauthorized access to the system then sell this access to other malicious actors. Based on a large sample of IAB posts on the Russian-language hacking forum Exploit.in (Exploit), IABs increasingly target entities within NATO member states, with research revealing recent activity in 21 of 31 ... Read More