Emerging Threats

Our musings on navigating the ever-evolving cyber & physical threat landscapes.

Blog > Emerging Threats

Business Risk Intelligence: Threat and Capabilities Matrix for Decision-Makers (Preview)

January 12, 2017

Yesterday we released our inaugural Business Risk Intelligence Decision Report. Unlike traditional end-of-year reports, we chose to eschew providing predictions for the coming year, which from our experience are overly generic and do not lend themselves to supporting informed decision-making. Instead, the Flashpoint team looked back at 2016 and drew from our unique tools and […]

Read more

Flashpoint’s Inaugural Business Risk Intelligence — Decision Report

January 11, 2017

Cybercriminals, jihadists, nation-state cyber actors, hacktivists, and cyber attention-seekers received widespread global attention throughout 2016, laying the foundation for what is already shaping up to be an eventful and challenging 2017. Consequently, the resulting complexity of the current geopolitical and cyber threat climate has led many decision-makers to reevaluate the role of cybersecurity within their […]

Read more

MongoDB Ransomers Overwriting Each Others’ Notes, Leaving Admins with No Options

Open MongoDB database servers with default settings have been a source of stress for security teams for well over a year. These vulnerable databases can result in breaches affecting millions of people. Though administrators have been warned to secure these servers, the lack of doing so has resulted in tens of thousands of open MongoDB […]

Read more

Insider Threats: “The Shadow Brokers” Likely Did Not Hack the NSA

UPDATED 12/20/2016 3:45 PM ET  Key Takeaways • Based on the data released in the most recent dump by the threat actor known as “The Shadow Brokers,” Flashpoint assesses with medium confidence that the stolen information was likely obtained from a rogue insider. Flashpoint is uncertain of how these documents were exfiltrated, but they appear to […]

Read more

Jihadists Advise American Muslims to Arm Themselves Ahead of Trump Presidency

December 14, 2016

Key Takeaways • Discussions about the U.S. presidential election and subsequent President-elect Donald Trump victory have recently taken place on a private, predominantly pro-al-Qaida Dark Web channel, in which several members are self-identified Westerners, including Americans. • During these discussions, these members expressed fear as they anticipate anti-Muslim violence and policies under the new administration. […]

Read more

Flashpoint and Talos Analyze the Curious Case of the flokibot Connector

Key Takeaways • In the financial cybercrime landscape, we see a continuous progression of the malware known as “Floki Bot,” which has been marketed by the actor “flokibot” since September 2016. • Language is not a barrier: though experience suggests that many cybercriminals tend to stay within their language groups, those with a high level […]

Read more

New Mirai Variant Leaves 5 Million Devices Worldwide Vulnerable — High Concentration in Germany, UK and Brazil

Key Takeaways • Flashpoint confirms the existence of a new Mirai variant and its involvement in the recent Deutsche Telekom outage. Flashpoint has linked at least one distributed denial-of-service (DDoS) attack to this variant. Flashpoint assesses with high confidence that the new Mirai variant is likely an attempt by one of the existing Mirai botmasters […]

Read more

By Accident or Design? Supply Chain Risks of Chinese-made Devices

Key Takeaways • On November 15, 2016, American media outlets reported that Android devices in the United States were found to be transmitting sensitive user information back to a server in Shanghai, China. The total number of known affected devices is 120,000, which were manufactured by Florida-based BLU Products. • The incident was caused by […]

Read more