Tag

Threat Intelligence

Stay informed with articles on threat intelligence practices that help organizations anticipate, identify, and respond to cyber threats. This tag covers threat feeds, indicators of compromise, adversary tracking, intelligence sharing frameworks, and how to build an effective threat intelligence program.

posts

Spear Phishing

What Is Spear Phishing? The Targeted Attack Behind Major Breaches

In March 2022, the FBI's Internet Crime Complaint Center reported that business email compromise — a direct descendant of spear phishing — cost organizations over $2.4 billion in 2021 alone. That number dwarfs ransomware losses. Yet most people I talk to still think phishing means a badly written email

Carl B. Johnson Apr 22, 2022 6 min read
Dark Web Monitoring

Dark Web Monitoring for Businesses: A Practical Guide

In April 2021, a collection of 533 million Facebook user records surfaced on a dark web forum — names, phone numbers, email addresses, all posted for anyone to grab. Three months before that, a compilation of 3.2 billion email and password pairs called COMB (Compilation of Many Breaches) appeared on

Carl B. Johnson Sep 23, 2021 7 min read
Types of Malware

Types of Malware: What's Actually Hitting Networks in 2021

Colonial Pipeline Was Just the Beginning In May 2021, a single compromised password shut down the largest fuel pipeline in the United States. Colonial Pipeline paid DarkSide operators $4.4 million in ransom. Fuel shortages rippled across the Southeast for days. That attack used just one of the many types

Carl B. Johnson Sep 16, 2021 7 min read
Dark Web Monitoring

Dark Web Monitoring for Businesses: A Practical Guide

Your Employees' Passwords Are Already for Sale In March 2024, a single dark web marketplace listed over 10 billion stolen credentials. That's not a typo. The Verizon 2024 Data Breach Investigations Report found that stolen credentials were involved in roughly 31% of all breaches over the past

Carl B. Johnson Jun 25, 2020 8 min read
Dark Web Monitoring

Dark Web Monitoring for Businesses: A Practical Guide

In April 2024, a credentials dump containing over 26 billion records — dubbed the "Mother of All Breaches" — surfaced on dark web forums. LinkedIn, Twitter, Dropbox, Adobe, and hundreds of other platforms were represented. Within weeks, threat actors were using those credentials in automated stuffing attacks against small and

Carl B. Johnson Aug 14, 2019 7 min read
Dark Web

What Is the Dark Web? A Security Pro's Real Guide

Your Employees' Passwords Are Probably Already There In 2023, the FBI's Internet Crime Complaint Center received over 880,000 complaints with potential losses exceeding $12.5 billion — and a significant share of that activity traces back to credentials and data traded on dark web marketplaces. If you&

Carl B. Johnson Jul 25, 2019 6 min read
Malware

What Is Malware? A Security Pro's Field Guide for 2026

In 2023, the FBI's Internet Crime Complaint Center (IC3) received over 880,000 complaints with potential losses exceeding $12.5 billion — a 22% increase from the year before. A massive share of those incidents started with a single piece of malicious software landing on someone's machine.

Carl B. Johnson Jul 20, 2019 7 min read