|
By Adi Bleih
The RansomHub ransomware group has emerged as a significant player in the ransomware landscape, making bold claims and substantiating them with data leaks. The group emerged after the Federal Bureau of Investigation (FBI) disrupted ALPHV’s ransomware operation on December 19, 2023. There are assumptions that RansomHub is a “spiritual successor” of the ALPHV group and operates with the help of former ALPHV affiliates.
As one of the world’s largest and most advanced economic regions, the European region consists of 37 countries including the 27 European Union (EU) countries. With some of the most important economies in the world, Europe remains a prime target for cyber adversaries and state actors. The retail industry faces a constantly evolving array of threats among its major sectors.
|
By Manasa Pisipati
DeepSeek is a Hangzhou-based startup founded in December 2023 by Liang Wenfeng. It released its first AI-based large language model in 2024. The company recently received widespread attention after releasing a new open-source AI model that rivals OpenAI’s work. The app shot to the top of the app stores’ downloads list and has sparked much interest.
|
By Jay Villanueva
A lot has happened since the emergence of social networking began in the early 2000s. Since then, many people have relied on social media platforms to stay connected with friends, family, community, and more. With this popularity, cyber criminals also took advantage of this trend.
|
By Adi Bleih
On January 15th, the FSOCIETY ransomware group published on their official DLS (data leak site) that they have begun a partnership with the rising Funksec group. The FunkSec ransomware group first emerged publicly in late 2024 and rapidly gained prominence by publishing over 85 claimed victims—more than any other ransomware group in the month of December.
|
By Adi Bleih
In 2024, the ransomware landscape recorded 5,414 published attacks on organizations worldwide, representing an 11% increase compared to 2023. While the year began with a decline in ransomware activity during Q1, the frequency of attacks surged in Q2 and continued to rise through the remainder of the year. This culminated in a dramatic spike during Q4, which saw 1,827 incidents—33% of all ransomware attacks for the year—making it the most active quarter.
|
By Jay Villanueva
The Cyberint (now a Check Point Company) Philippine Threat Landscape 2024-2025 report unravels the evolving cyber threats and scam operations targeting organizations in the Philippines—mainly within the Government, Education, Financial, and Telecommunications sectors. Data from Cyberint sources indicates a surge in cyber threats such as malware, social engineering, and system exploitations.
|
By Nir Ben Eliezer
Traditionally, approaches to Attack Surface Management (ASM) went something like this: A business scanned its own IT estate to discover assets and understand what its attack surface actually included. We can think of this as Phase I. Following the completion of an asset inventory, they assessed each of their assets to identify risks and vulnerabilities, such as open ports, certificate issues, DNS misconfigurations, and more.
|
By Research Team
Cl0p Ransomware, aka Cl0p, is a ransomware group that emerged in February 2019 and targeted most industries worldwide, including retail, transportation, education, manufacturing, automotive, energy, financial, telecommunications and even healthcare. The clop ransomware group is thought to be a successor of the CryptoMix ransomware group.
|
By Adi Bleih
On October 14th, prior to the data leak on December 16th, a threat actor known as IntelBroker announced on BreachForums that he was offering a Cisco breach for sale. As is typical for his operations, he provided samples and credited another well-known collaborator, EnergyWeaponUser. The price for the breach was not specified and was to be negotiated privately, with payments accepted exclusively in XMR cryptocurrency.
|
By Cyberint
This is not only important for Cyberint's bottom line, but also crucial to demonstrate to investors that we are spending responsibly. One of the problems that CFOs encounter frequently is product sprawl. Where teams are using separate solutions for different purposes, each with their own price tag. Many of these point solutions aren’t better than a consolidated product; if they were using one, the information shared would make the tool more valuable. Despite this product sprawl occurs. The same is true for cybersecurity products.
|
By Cyberint
Learn more about our Threat Intelligence here: https://cyberint.com/platform/threat-intelligence/
|
By Cyberint
Learn about Cyberint Threat Intelligence Here: https://cyberint.com/platform/threat-intelligence/
|
By Cyberint
Learn about what happened when we found a major US retailer employee's credentials on the Dark Web..
|
By Cyberint
The United States is at the epicenter of cyber crime globally. It is by far the most highly-targeted nation, and American businesses face a higher volume of attacks as well as more costly consequences when an attack is successful. In this webinar, Cyberint Threat Research Team Lead Shmuel Gihon will discuss the current US threat landscape, recent trends, and the most urgent risks to prepare for. Using research and data collected by the Cyberint research team.
|
By Cyberint
The suppliers are the weak point in the security organization, 62% of attacks were through suppliers..... Existing tactics such as periodic pen testing, questionaires etc. don't cut it! Find out who your suppliers are, how healthy their protection is, how targeted they are AND be notified when an issue happens.
|
By Cyberint
Up until 2023 third party risk management has been flawed. 2023 brings big changes and Cyberint is leading the way. We had fun acting out some of the benefits.....
- February 2025 (4)
- January 2025 (4)
- December 2024 (8)
- November 2024 (6)
- October 2024 (5)
- September 2024 (6)
- August 2024 (5)
- July 2024 (5)
- June 2024 (6)
- May 2024 (10)
- April 2024 (8)
- March 2024 (3)
- February 2024 (9)
- January 2024 (9)
- December 2023 (6)
- November 2023 (10)
- October 2023 (14)
- September 2023 (11)
- August 2023 (9)
- July 2023 (10)
- June 2023 (8)
- May 2023 (7)
- April 2023 (9)
- March 2023 (8)
- February 2023 (5)
- December 2022 (3)
- November 2022 (4)
- October 2022 (5)
- September 2022 (6)
- August 2022 (5)
- July 2022 (4)
- June 2022 (3)
- May 2022 (4)
- April 2022 (4)
- March 2022 (8)
- February 2022 (6)
- January 2022 (2)
- December 2021 (7)
- November 2021 (4)
- October 2021 (2)
- September 2021 (3)
- August 2021 (4)
- July 2021 (7)
- June 2021 (3)
- May 2021 (6)
- April 2021 (5)
- March 2021 (4)
- February 2021 (5)
- January 2021 (12)
- December 2020 (6)
- November 2020 (2)
- October 2020 (4)
- July 2020 (1)
- May 2020 (1)
- April 2020 (2)
- March 2020 (3)
- January 2020 (1)
- December 2019 (2)
- September 2019 (1)
- May 2019 (1)
- March 2019 (1)
- November 2018 (1)
- January 2018 (3)
- May 2014 (2)
Best-in-class managed intelligence suite. We help you identify emerging threats, verify your security posture, and respond effectively to reduce their impact.
CyberInt's Managed Detection and Response services span globally and include some of the top finance, retail and telecommunication organizations. Allowing our customers to combat and respond to advanced cyber threats that would normally go unnoticed by standard security controls, while protecting their brand, digital assets and customers.
Solutions:
- Threat Intelligence: Real-time monitoring of threats in the deep, dark and open web such as phishing and malware campaigns, brute-force and credential stuffing threats, data leakage, including personal identifiable information (PII), and fraudulent activity.
- Digital Risk: Digital footprint discovery and ongoing monitoring of organizations’ cloud and external facing assets. Ensuring visibility into assets with severity-based prioritization of issues to address, highlighting related threats, vulnerabilities, and weaknesses.
- Threat Hunting: Driven by Cyberint proprietary intelligence and custom detections service provides continuous hunt for threats across the IT and infrastructure. Leveraging 3rd party EDR-agnostic technology and SOAR, we deploy proprietary automated playbooks to contain and mitigate threats within minutes.
- Cybersecurity Assessment: Testing applications and infrastructure’s resilience to cyberattacks, to identify weaknesses and loopholes in your security posture.
Intelligence-driven Detection & Response. Leveraging threat intelligence suite, threat hunting and threat mitigation and response services.