Category: Research

2021 Adversary Infrastructure Report

2021 Adversary Infrastructure Report

January 18, 2022 • Insikt Group®

Recorded Future tracks creation of and changes to infrastructure for post-exploitation toolkits, malware, and remote access trojans.

Read more
FIN7 Uses Flash Drives to Spread Remote Access Trojan

FIN7 Uses Flash Drives to Spread Remote Access Trojan

January 13, 2022 • Gemini Advisory

Recorded Future analysts continue to monitor the activities of the FIN7 group as they adapt and expand their cybercrime operations.

Read more
Combating Human Trafficking With Threat Intelligence — Prevention

Combating Human Trafficking With Threat Intelligence — Prevention

January 11, 2022 • Insikt Group®

Threat intelligence can aid in preventing human trafficking by identifying warning signs and potentially malicious behaviors.

Read more
China’s Narrative War on Democracy

China’s Narrative War on Democracy

December 21, 2021 • Charity Wright

China’s entire propaganda system is working at full force in the largest Chinese state-sponsored overt influence campaign to date.

Read more
Are Ransomware Attacks Slowing Down? It Depends on Where You Look

Are Ransomware Attacks Slowing Down? It Depends on Where You Look

December 20, 2021 • Allan Liska

There is little doubt that continued and consistent law enforcement action against ransomware groups is needed; have they been effective?

Read more
5 Common Ransomware ATT&CK Techniques

5 Common Ransomware ATT&CK Techniques

December 16, 2021 • Insikt Group®

Ransomware continues to evade detection and infect. Defenders need to continually mature to detect and stop a ransomware attack.

Read more
Full Spectrum Detections for 5 Popular Web Shells: Alfa, SharPyShell, Krypton, ASPXSpy, and TWOFACE

Full Spectrum Detections for 5 Popular Web Shells: Alfa, SharPyShell, Krypton, ASPXSpy, and TWOFACE

December 14, 2021 • Insikt Group®

Web shells often go undetected due to a small footprint, an organization’s limited visibility, and the ability to blend in with normal.

Read more
Log4Shell: How It’s Being Exploited and How to Mitigate Damage

Log4Shell: How It’s Being Exploited and How to Mitigate Damage

December 14, 2021 • John Wetzel

A vulnerability in Log4j can execute remote code with the full privileges of the main program. The exploit has been dubbed Log4Shell.

Read more
Chinese State-Sponsored Cyber Espionage Activity Supports Expansion of Regional Power and Influence in Southeast Asia

Chinese State-Sponsored Cyber Espionage Activity Supports Expansion of Regional Power and Influence in Southeast Asia

December 8, 2021 • Insikt Group®

Our research highlights China’s continued strategic and tactical interest in government and private sector organizations in Southeast Asia.

Read more
Magecart Groups Abuse Google Tag Manager

Magecart Groups Abuse Google Tag Manager

December 6, 2021 • Gemini Advisory

Gemini analysts have observed 316 e-commerce sites infected by Magecart attacks that deploy trojanized Google Tag Manager (GTM) containers.

Read more

Categories


New call-to-action