Cybercrime

From malware and botnets to the latest cybercriminal schemes, check out what today’s black hat hackers are up to.


Diaries of a Fraudster

By Flashpoint Analyst Team
May 11, 2017

Last week, a fraudster published his own “diary” on the Deep & Dark Web. As far as the typical excitement of reading someone else’s diary goes, it’s a little disappointing. But in terms of providing insight into the mind of a fraudster, there are some juicy tidbits that detail the individual’s rise and maturation as […]

Threat Actors Leverage “Phonecord” Bot to Harass Victims

Although the majority of cyber threat actors are fueled by the desire for financial or political gain, some actors lack traditional motivations altogether. Often referred to as “attention-seekers”, these actors’ malicious activities are typically driven by nothing more than a desire to attract attention by causing chaos for their own amusement. Despite their reputation for […]

Dataset from “xDedic” Marketplace Suggests Government, Corporate RDP Servers Targeted

April 25, 2017

Background: The xDedic marketplace is a predominant cybercriminal marketplace on the dark web known for hosting sales of access to compromised Remote Desktop Protocol (RDP) servers. RDP is Microsoft’s proprietary protocol that provides users with a graphical interface to connect to another computer over a network connection. System administrators frequently use RDP to control servers […]

Cybercrime Economy: An Analysis of Cybercriminal Communication Strategies

April 19, 2017

Malicious actors’ widespread preference for encrypted tools and services continues to fuel the ongoing debate over encryption. While jihadist groups such as ISIS first drew public attention to the issue during the high-profile battle between the FBI and Apple over the mobile phone belonging to one of the San Bernardino shooters in 2015, various threat […]

Evaluating Cyber and Physical Risks During International Travel

Whether for business or pleasure, international travel can present various cyber and physical risks. Unfortunately, the precarious state of the geopolitical and threat landscape has increased some of these risks, yielding widespread concern and uncertainty among those seeking to travel safely and securely. Given that certain threats may be particularly damaging not only to individual travelers […]

Attribution is [not] Broken

March 30, 2017

Everyone has his or her little window into Pretty Pink Panda #53, which someone else calls Lucky Leprechaun 98, which is really Red Leader, but only if you have a secret handshake to know that name, then it’s RL, because clearances. Attribution is broken. It has always been broken. And always will be broken. […]

Risk vs. Threat: Best Practices from a Fortune 50 Retailer

March 23, 2017

I’m happy to present a guest post from an experienced cyber intelligence analyst for a Fortune 50 retailer — who happens to be a Flashpoint client. He wanted to share some best practices based on his experience leveraging cyber threat intelligence to assess business risk, address threats, and shape the strategy for his company’s information […]

Best Practices for Addressing Four Common Threats

Flashpoint’s customers represent a diverse mix of global organizations and business functions spanning nearly every industry. On one hand, this means that our team has gained extensive experience using Business Risk Intelligence (BRI) to help our customers address some of the rarest, most obscure threats emerging from the Deep & Dark Web. On the other […]

Business Email Compromise: The Oft-Overlooked Costly Dark Horse of Attacks

Business Email Compromise (BEC), also known as “free money scams”, is a constant threat to organizations, their employees, and their users. Although little sophistication is needed to carry out a successful BEC, these types of attacks continue to occur more frequently and inflict greater damage than ever before. Unfortunately, this means that many of us […]

Psychology of an Eastern European Cybercriminal: Mindset Drives Behavior

By Flashpoint Analyst Team
February 14, 2017

Most conversations about the Eastern European cybercrime landscape focus heavily on the specific threats originating from this community of actors. For security practitioners and intelligence analysts, this often means in-depth technical analysis on everything from new strains of malware and emerging fraud schemes to zero-day vulnerabilities and large-scale DDoS attacks. While such information is undoubtedly […]
