Emerging Threats

Our musings on navigating the ever-evolving cyber & physical threat landscapes.

Blog > Emerging Threats

Best Practices for Addressing Four Common Threats

Flashpoint’s customers represent a diverse mix of global organizations and business functions spanning nearly every industry. On one hand, this means that our team has gained extensive experience using Business Risk Intelligence (BRI) to help our customers address some of the rarest, most obscure threats emerging from the Deep & Dark Web. On the other […]

Read more

Business Email Compromise: The Oft-Overlooked Costly Dark Horse of Attacks

Business Email Compromise (BEC), also known as “free money scams”, is a constant threat to organizations, their employees, and their users. Although little sophistication is needed to carry out a successful BEC, these types of attacks continue to occur more frequently and inflict greater damage than ever before. Unfortunately, this means that many of us […]

Read more

Business Risk Intelligence: Threat and Capabilities Matrix for Decision-Makers (Preview)

January 12, 2017

Yesterday we released our inaugural Business Risk Intelligence Decision Report. Unlike traditional end-of-year reports, we chose to eschew providing predictions for the coming year, which from our experience are overly generic and do not lend themselves to supporting informed decision-making. Instead, the Flashpoint team looked back at 2016 and drew from our unique tools and […]

Read more

Flashpoint’s Inaugural Business Risk Intelligence — Decision Report

January 11, 2017

Cybercriminals, jihadists, nation-state cyber actors, hacktivists, and cyber attention-seekers received widespread global attention throughout 2016, laying the foundation for what is already shaping up to be an eventful and challenging 2017. Consequently, the resulting complexity of the current geopolitical and cyber threat climate has led many decision-makers to reevaluate the role of cybersecurity within their […]

Read more

MongoDB Ransomers Overwriting Each Others’ Notes, Leaving Admins with No Options

Open MongoDB database servers with default settings have been a source of stress for security teams for well over a year. These vulnerable databases can result in breaches affecting millions of people. Though administrators have been warned to secure these servers, the lack of doing so has resulted in tens of thousands of open MongoDB […]

Read more

Insider Threats: “The Shadow Brokers” Likely Did Not Hack the NSA

UPDATED 12/20/2016 3:45 PM ET  Key Takeaways • Based on the data released in the most recent dump by the threat actor known as “The Shadow Brokers,” Flashpoint assesses with medium confidence that the stolen information was likely obtained from a rogue insider. Flashpoint is uncertain of how these documents were exfiltrated, but they appear to […]

Read more

Jihadists Advise American Muslims to Arm Themselves Ahead of Trump Presidency

December 14, 2016

Key Takeaways • Discussions about the U.S. presidential election and subsequent President-elect Donald Trump victory have recently taken place on a private, predominantly pro-al-Qaida Dark Web channel, in which several members are self-identified Westerners, including Americans. • During these discussions, these members expressed fear as they anticipate anti-Muslim violence and policies under the new administration. […]

Read more

Flashpoint and Talos Analyze the Curious Case of the flokibot Connector

Key Takeaways • In the financial cybercrime landscape, we see a continuous progression of the malware known as “Floki Bot,” which has been marketed by the actor “flokibot” since September 2016. • Language is not a barrier: though experience suggests that many cybercriminals tend to stay within their language groups, those with a high level […]

Read more