How to Organize and Classify Different Aspects of Cyber Threat Intelligence

Over the past few years, cyber threat intelligence has matured to cover many different aspects of business. What threat intelligence is and how people view and define it can vary quite a bit depending on the vendor providing the intelligence, the business unit consuming that intelligence, the deliverables expected of the intelligence, and the ultimate… Read More

Dark Web Markets, Equifax Breach Raise Authentication Concerns

The recent Equifax breach once again has the whole nation talking about cybercrime — and the widespread fraud and identity theft likely to follow in the wake of 143 million compromised consumers. Identity theft is a major concern for individuals, but as SurfWatch Labs chief security strategist Adam Meyer noted, malicious actors spring boarding off… Read More

Leaked Exploits Have Fueled Cybercrime So Far in 2017, Says New Report

Leaked exploits and increased cybercrime-as-a-service offerings — along with the expanding digital footprints of organizations — helped to fuel cybercrime in the first half of 2017, according to a mid-year threat intelligence report from SurfWatch Labs. The global outbreaks of WannaCry and NotPetya have dominated headlines so far this year. Although vastly different from the record-setting,… Read More

Ransomware Disrupting Business Operations and Demanding Higher Payouts

Malicious actors are continually fine-tuning their tactics, and one of the best examples of this is the evolution of ransomware. Ransomware has largely been an opportunistic, rather than a targeted, form of cybercrime with the goal of infecting as many users as possible. That model has worked so effectively that extortion is now ubiquitous when it… Read More

Fake Extortion Demands and Empty Threats on the Rise

I’ve previously written about the rise of extortion as an emerging trend for 2017, but if you didn’t want to take my word for it, you should have listened to the numerous warnings shared at this year’s RSA 2017. Cyber-extortion has become one of the primary cybersecurity-related issues facing organizations — and it appears to be here… Read More

Organizations Struggle with Third Party and Supply Chain Cybercrime, Says New Report

The past year saw organizations struggle with third-party issues as malicious actors shifted their tactics towards weak points in the supply chain and exploited the interconnected nature of cybercrime, according to a new report from SurfWatch Labs. “One of the most telling statistics in all of SurfWatch Labs’ evaluated cyber threat data is the rise of… Read More

Hacktivists Use Automated Tools, Growing Reach to Target Government Organizations

Despite recent media attention surrounding nation-state hackers infiltrating government organizations and attempting to influence elections, the bulk of government-related cybercrime tends to be driven by less sophisticated and more ideologically-motivated campaigns carried out by hacktivist actors, according to a new report from SurfWatch Labs. Government is the third most active sector when it comes to cybercrime, behind only information… Read More

Learning from Cybercriminals: Using Public Tools for Threat Intelligence

Effective cyber threat intelligence is largely about gaining proper context around the risks facing your organization. As SurfWatch Labs chief security strategist Adam Meyer recently wrote, there are three pillars when it comes to evaluating those cyber threats: capability, intent and opportunity. The first two, the capability and intent of threat actors, are mostly external aspects that you… Read More

Cybercrime is Increasingly Interconnected, Says New SurfWatch Labs Report

The first half of 2016 is over, and SurfWatch Labs analysts have spent the past few weeks sifting through the huge amount of cybercrime data we collected — totaling tens of thousands of CyberFacts across more than 3,400 industry targets — in order to identify threat intelligence trends to include in our mid-year 2016 report. “If anything,” the report notes, “the stories behind these… Read More

Cybercriminals are Increasingly Targeting Personal Info, Says Report

Cybercriminals have shifted their focus away from stealing payment card data in favor of targeting personal information and directly extorting victims, according to a new report from SurfWatch Labs. The trends aren’t surprising, said SurfWatch Labs chief security strategist Adam Meyer, who discussed the report on this week’s Cyber Chat podcast. Cybercrime is a business, and malicious actors gravitate towards the process that gives… Read More