Dec 22, 2020
QAnon Conspiracies Show Organic Growth Capability with Multi-layered Digital Infrastructure
QAnon infrastructure and modus operandi drive a horizontally controlled, organically self-sustaining user community. While the group behind QAnon is seeding the direction of the narrative, the content is produced by followers leveraging infrastructure that cannot be directly tied to the original QAnon group and that appears to be maintained by…
Qanon · 8 min read

Nov 9, 2020
Ten Years Later, EclecticIQ Examines Evolution of Stuxnet-like Attacks
Stuxnet malware was reportedly a US-Israel joint enterprise against a critical infrastructure target. The main payload was allegedly introduced on a USB device by an insider threat working for the AIVD, via supply-chain compromise. Stuxnet was an original malware tailored to cause ICS (Industrial Control System) connected systems to malfunction…
Stuxnet · 6 min read

Published in EclecticIQ Blog · Oct 11, 2019
The Ransomware Evolution Landscape Part 3 — The New Age of Ransomware and the ‘Triple Threat’
By Ippolito Forni, Threat Intelligence Analyst
As we have seen in this blog series so far, the ransomware ecosystem is quickly evolving (if you missed the previous parts, check out ‘The Rise of the Biggest Cyberthreat’ and ‘GandCrab, Sodinokibi and How to Scam a RaaS Operator’). The ease of executing…
Ransomware · 4 min read

Published in EclecticIQ Blog · Sep 23, 2019
The Ransomware Evolution Landscape Part 2 — GandCrab, Sodinokibi and How to Scam a RaaS Operator
In part one of our ‘Evolution of the Ransomware Landscape’ blog series we examined how ransomware grew quickly into the biggest cyberthreat to date in terms of both data loss and direct and indirect costs for victims. We also looked at a new trend for ransomware operations in…
Cybersecurity · 4 min read

Published in EclecticIQ Blog · Sep 11, 2019
The Ransomware Evolution Landscape Part 1 — The Rise of the Biggest Cyberthreat
By Ippolito Forni, Threat Intelligence Analyst
The ransomware landscape has evolved into a massive problem in the past few years. The modus operandi and TTPs are more mature, threat actors are targeting big public and private organizations, and the average ransom payment has increased significantly as well…
Cybersecurity · 6 min read

Mar 27, 2019
Whiteboard Session — An Agile Approach to CTI
Managing a workflow in Cyber Threat Intelligence is non-trivial. Many organizations are attempting to adopt an agile style of working. If you are setting up or planning to improve your intel team to make it work in an agile way, it doesn’t mean that…
Agile · 1 min read

Published in EclecticIQ Blog · Dec 10, 2018
Making room for ACH in a new Object: The Hypothesis Object
In the second part of this three-part series, we explored the potential of using an existing STIX 2.1 Object for structuring the analysis of competing hypotheses (ACH). But once we looked at what was needed to structure ACH, it became apparent that the STIX 2.1 Opinion Object was not going…
Cybersecurity · 4 min read

Published in EclecticIQ Blog · Nov 16, 2018
Moving past the STIX 2.1 Opinion Object
By Caitlin Huey, Senior Threat Intelligence Analyst
In the first part of this blog series we talked about some initial hurdles that the intelligence community has in structuring Analysis of Competing Hypotheses (ACH) in a consistent way. In this follow-up post we will address how analysts first thought about tackling…
Cybersecurity · 5 min read

Published in EclecticIQ Blog · Nov 5, 2018
How to Structure Analysis of Competing Hypotheses (ACH)
By Caitlin Huey, Senior Threat Intelligence Analyst
Welcome to the first in a three-part series of blogs which will address:
1. How to structure Analysis of Competing Hypotheses
2. Moving past the STIX 2.1 Opinion Object
3. Introducing the Hypothesis Object
In this first blog we will look at what…
Cybersecurity · 4 min read

Oct 19, 2018
CTI — A community of communities
By Joep Gommers, CEO & Founder
The cyber threat intelligence landscape has undergone rapid change in recent years. This can be attributed to three main factors. First, the growth in the number of security vendors has resulted in an increased supply of solutions and capabilities. Second, wide-ranging data protection legislation…
Cybersecurity · 3 min read