Cybercrime & Digital Threats

In this article, we briefly detail what IPFS is and how it works at the user level, before providing up to date statistics about the current usage of IPFS by cybercriminals, especially for hosting phishing content. We will also discuss emerging new cybercrime activities abusing the IPFS protocol and detail how cybercriminals already consider IPFS for their deeds.

A look into the cybercriminal gender gap, the status and perceptions on gender profiles in the underground, and the role assumptions have for law enforcement.

Our research paper shows how decision-makers that are in a position to affect ransomware at scale – including policy-makers and industry leaders – can use data-science approaches to understand ransomware risk holistically and build cybersecurity strategies that can affect the ransomware ecosystem as a whole.

In this report, we examine how these low-level threats have evolved through the years and discuss the three types of low-level threats that affect Windows systems. The categorization of more than 60 of the most noteworthy Windows low-level threats observed in the wild from 2015 to 2022 and where these threats stand in today’s threat landscape are discussed.

Our research looks at the potential evolutions and revolutions in the current ransomware landscape based on significant triggers and catalysts. We highlight the specific developments (triggers) that could cause gradual changes (evolutions) before sparking more drastic transformations (revolutions).

From articles to hackathons, cybercriminals are resorting to crowdsourcing to find more ways to exploit systems. In this article, we tackle these contests, explore their results, and anticipate their possible impacts on the work of cybersecurity defenders.

Remote and hybrid workplaces are now the norm. We highlight some risks and threats to these setups and detail recommendations for organizations to keep their diffused labor pool secure.

Our research on APT group Earth Aughisky (aka Taidoor) lists the observed malware, connections, and developments attributed to the group. We also include our insights on the possible implications of changes in the organization's activities for their current and future victims.

Cybercriminal groups cannot operate independently. To keep their operations up and running, they need specific services provided by third parties. We investigate one such business that has been integral to the activities of a number of high-profile gangs.