Threat environment On April 17, ISIS’s official spokesperson, Abu Omar al-Muhajir, released his second audio message since assuming his new role. The audio message, which is over 33 minutes long, began with a congratulatory note on the holy month of Ramadan then quickly became bellicose. Given the context in which ... Read More

Cornerstone of Effective Decision-Making Producing timely, relevant, and actionable intelligence at scale is integral to the success of a threat intelligence and risk remediation program. But it simply isn’t feasible for many organizations due to the extensive resources, bandwidth, and subject-matter expertise it requires. Unlike automated threat feeds or keyword ... Read More

The following research is based on information gathered by Flashpoint analysts and data collections. For February’s report, click here. Key takeaways: March 2022 ISIS attacks Nigeria has now fully cemented itself as, far and away, the country with the most claimed ISIS attacks in a month-to-month period.  ISIS claimed responsibility ... Read More

German authorities announced today that they had taken down the Germany-based servers of Hydra Market—the largest Russian-speaking darknet market—and closed it. They also confiscated 23M Euros (about $25M) in Bitcoin. The steps follow an investigation with the participation of German and U.S. law enforcement, which started in August 2021. According ... Read More

The Open Source Software (OSS) community has been split in two after an OSS author repurposed his own library to protest the Ukrainian-Russian war. On March 7, RIAEvangelist released several versions of his “node-ipc” software package—which has been downloaded millions of times—with some versions reportedly overwriting code on machines presumably ... Read More

Erecting Russia’s digital iron curtain As its war against Ukraine rages on, Russia is attempting to block, throttle, fine, and/or censor nearly all “Western” social media platforms, as well as other key information sources. These internet blocks and bans affect information going in and out of Russia, which theoretically prevents ... Read More

LAPSUS$ is an extortionist threat group that became active on December 10, 2021. Unlike the majority of extortionist groups that typically rely on a combination of ransomware and data leaks, LAPSUS$ is focused on monetizing their operations exclusively through data leaks advertised on Telegram without the use of ransomware. Initially, ... Read More

In the old, in the with new: The financial cyber threat landscape In our latest report, we detail seven primary cyber threats that organizations across the financial services sector will face in 2022. Some of them, such as ransomware, are not new but nevertheless remain a serious threat. Others, such ... Read More

Click here for Flashpoint’s coverage of the role of intelligence in Russia’s war on Ukraine. Russia moves to control the information narrative The Russian government ordered state-owned portals to connect to its state-controlled domain name system servers by March 11—and, to switch to Russian hosting providers and localize elements that ... Read More

Updated April 12: Today, the US Department of Justice (DOJ) issued a press release confirming their seizure of the popular English-language hacking forum, Raid Forums.  “Our interagency efforts to dismantle this sophisticated online platform—which facilitated a wide range of criminal activity —should come as a relief to the millions victimized ... Read More