Cybercrime

From malware and botnets to the latest cybercriminal schemes, check out what today’s black hat hackers are up to.


Risk vs. Threat: Best Practices from a Fortune 50 Retailer

March 23, 2017

I’m happy to present a guest post from an experienced cyber intelligence analyst for a Fortune 50 retailer — who happens to be a Flashpoint client. He wanted to share some best practices based on his experience leveraging cyber threat intelligence to assess business risk, address threats, and shape the strategy for his company’s information […]


Best Practices for Addressing Four Common Threats

Flashpoint’s customers represent a diverse mix of global organizations and business functions spanning nearly every industry. On one hand, this means that our team has gained extensive experience using Business Risk Intelligence (BRI) to help our customers address some of the rarest, most obscure threats emerging from the Deep & Dark Web. On the other […]


Business Email Compromise: The Oft-Overlooked Costly Dark Horse of Attacks

Business Email Compromise (BEC), also known as “free money scams”, is a constant threat to organizations, their employees, and their users. Although little sophistication is needed to carry out a successful BEC, these types of attacks continue to occur more frequently and inflict greater damage than ever before. Unfortunately, this means that many of us […]


Psychology of an Eastern European Cybercriminal: Mindset Drives Behavior

By FP_Analyst
February 14, 2017

Most conversations about the Eastern European cybercrime landscape focus heavily on the specific threats originating from this community of actors. For security practitioners and intelligence analysts, this often means in-depth technical analysis on everything from new strains of malware and emerging fraud schemes to zero-day vulnerabilities and large-scale DDoS attacks. While such information is undoubtedly […]


MongoDB Ransomers Overwriting Each Others’ Notes, Leaving Admins with No Options

Open MongoDB database servers with default settings have been a source of stress for security teams for well over a year. These vulnerable databases can result in breaches affecting millions of people. Though administrators have been warned to secure these servers, the lack of doing so has resulted in tens of thousands of open MongoDB […]


U.S. Sanctions Against Russia Raise Questions Over National Security Policy

December 29, 2016

On December 29, 2016, United States President Barack Obama formally enacted measures targeting the Russian Federation in response to a campaign of Russian state-sponsored interference in the 2016 U.S. Presidential Election. The President approved an amendment to Executive Order 13964, updating a previous executive order that gave the Federal government expanded authority to respond to […]


Insider Threats: “The Shadow Brokers” Likely Did Not Hack the NSA

UPDATED 12/20/2016 3:45 PM ET

Key Takeaways

• Based on the data released in the most recent dump by the threat actor known as “The Shadow Brokers,” Flashpoint assesses with medium confidence that the stolen information was likely obtained from a rogue insider. Flashpoint is uncertain of how these documents were exfiltrated, but they appear to […]


Flashpoint and Talos Analyze the Curious Case of the flokibot Connector

Key Takeaways

• In the financial cybercrime landscape, we see a continuous progression of the malware known as “Floki Bot,” which has been marketed by the actor “flokibot” since September 2016.

• Language is not a barrier: though experience suggests that many cybercriminals tend to stay within their language groups, those with a high level […]
