Tag

Threat Intelligence

Stay informed with articles on threat intelligence practices that help organizations anticipate, identify, and respond to cyber threats. This tag covers threat feeds, indicators of compromise, adversary tracking, intelligence sharing frameworks, and how to build an effective threat intelligence program.

Supply Chain Attacks

Supply Chain Attack Examples That Reshaped Cybersecurity

In December 2020, cybersecurity firm FireEye disclosed that a threat actor had compromised SolarWinds' Orion software update mechanism, distributing malware to roughly 18,000 organizations — including the U.S. Treasury, the Department of Homeland Security, and Fortune 500 companies. The attackers didn't break down the front door.

Carl B. Johnson Mar 05, 2025 7 min read
Dark Web Monitoring

Dark Web Monitoring for Businesses: A Practical Guide

In February 2024, a threat actor going by "USDoD" listed 2.9 billion records from National Public Data on a dark web forum — records that included Social Security numbers, full names, and addresses of nearly every American adult. The breach didn't make mainstream headlines until months

Carl B. Johnson Feb 28, 2025 8 min read
Malware

What Is Malware? A Security Pro's Field Guide for 2025

A Single Click Cost MGM Resorts $100 Million

In September 2023, a threat actor called Scattered Spider used social engineering to trick an MGM Resorts help desk employee into resetting credentials. Within hours, they deployed malware across MGM's network — crippling hotel check-ins, slot machines, and digital room keys

Carl B. Johnson Jan 06, 2025 7 min read
Security of Cyberspace

Security of Cyberspace: What Actually Works in 2024

A $12.5 Billion Problem Nobody Can Ignore

The FBI's Internet Crime Complaint Center reported $12.5 billion in losses from cybercrime in 2023 — a 22% increase from the prior year. That number represents real money stolen from real organizations, many of whom believed they had adequate defenses.

Carl B. Johnson Jul 10, 2024 7 min read
Dark Web

What Is the Dark Web? A Security Pro's Real Guide

In January 2023, the FBI and international law enforcement took down the Hive ransomware group's dark web infrastructure, seizing servers that had processed over $100 million in ransom payments from hospitals, school districts, and financial firms. That operation gave the public a rare, concrete look at what the

Carl B. Johnson Jun 06, 2023 7 min read
Types of Malware

Types of Malware: A Field Guide from Real Breaches

In 2022, the FBI's Internet Crime Complaint Center (IC3) received over 800,000 complaints with losses exceeding $10.3 billion — and malware was the engine behind a staggering number of those incidents. I've spent years watching organizations get blindsided not because they lacked firewalls, but because

Carl B. Johnson Apr 10, 2023 7 min read
Spear Phishing

What Is Spear Phishing? The Targeted Attack Behind Major Breaches

In March 2022, the FBI's Internet Crime Complaint Center reported that business email compromise — a direct descendant of spear phishing — cost organizations over $2.4 billion in 2021 alone. That number dwarfs ransomware losses. Yet most people I talk to still think phishing means a badly written email

Carl B. Johnson Apr 22, 2022 6 min read
Dark Web Monitoring

Dark Web Monitoring for Businesses: A Practical Guide

In April 2021, a collection of 533 million Facebook user records surfaced on a dark web forum — names, phone numbers, email addresses, all posted for anyone to grab. Three months before that, a compilation of 3.2 billion email and password pairs called COMB (Compilation of Many Breaches) appeared on

Carl B. Johnson Sep 23, 2021 7 min read
Types of Malware

Types of Malware: What's Actually Hitting Networks in 2021

Colonial Pipeline Was Just the Beginning

In May 2021, a single compromised password shut down the largest fuel pipeline in the United States. Colonial Pipeline paid DarkSide operators $4.4 million in ransom. Fuel shortages rippled across the Southeast for days. That attack used just one of the many types

Carl B. Johnson Sep 16, 2021 7 min read
Dark Web Monitoring

Dark Web Monitoring for Businesses: A Practical Guide

Your Employees' Passwords Are Already for Sale

In March 2024, a single dark web marketplace listed over 10 billion stolen credentials. That's not a typo. The Verizon 2024 Data Breach Investigations Report found that stolen credentials were involved in roughly 31% of all breaches over the past

Carl B. Johnson Jun 25, 2020 8 min read