IntSights' Blog

OilRig is an Iranian-linked Advanced Persistent Threat (APT) group, which also goes by the names of Cobalt Gypsy, Twisted Kitten and Crambus. The group was identified in 2015 and is believed to be linked to the Iranian Intelligence agency and the Islamic Revolutionary Guard Corps (IRGC). At...

Origin country: Russia

IntSights Cyber Intelligence Guides RSAC 2018 Attendees Through Dark Web Tour

Origin country: Unknown
Other names: “TSB”, “TheShadowBrokers”
First seen: 2016
Famous attacks: “Attack on Equation group – NSA”
TTP’s: Data Leakage, Vulnerability Exploit

Origin country: North Korea
Other Names: Hidden Cobra
Related Subgroups: "Bluenoroff", "Andariel"
First Seen: 20017
Famous attacks: "Bangladesh SWIFT attack", "Taiwan Heist", "WannaCry Ransomware"
TTP's: Back Door, Malware, DDoS, Trojan, Vulnerability Exploit, Data Leakage, Exploit Kit

IntSights’ “CRT” researchers have discovered evidence that suggests a global phishing attack is being planned against “Minecraft” users. At the time of this blog’s posting, it is not known who is planning the attack. Evidence of an attack in the planning stages consists of a list of 268 email...

Just this past week, news surfaced about the Russian hacking group Fancy Bear targeting defense contractors’ personal email accounts to steal secrets on some of the most forward-leaning, advanced U.S. technologies.

[Reader’s Note:] This is the fourth and final installment in a series of blog posts describing a four-step process for using open source threat intelligence (OSINT) to create effective defenses against nation-state attackers. Check out Part One, Part Two or Part Three of the series if you missed...

On January the 28th, a new threat was added to the black market section of a notorious Russian Cyber Crime Forum. The post introduced a new type of ransomware, dubbed GandCrab. The post presented the ransomware as a “partnerka” (affiliation program) where the developer picks its “partners”, and...

[Reader’s Note:] This is the third installment in a series of blog posts describing a four-step process for using open source threat intelligence (OSINT) to create effective defenses against nation-state attackers. Check out Part One or Part Two of the series if you missed them! 

[Reader’s Note:] This is the second installment in a series of blog posts describing a four-step process for using open source threat intelligence (OSINT) to create effective defenses against nation-state attackers. If you missed Part One, check it out here!

2018 is kicking off with a bang as IntSights joins the ranks for the first time in the Enterprise Management Associates (EMA) as a “Vendor to Watch”! Out of all the categories listed in the report, IntSights is rated as “strong” in every aggregate category and receives more “outstanding” ratings...

While many enterprises are enhancing traditional security strategies with increasingly proactive measures, there is still a widespread misconception amongst security professionals that nation-state attacks are impossible to anticipate and effectively defend against. It is believed that using...

With the growing intricacy of the cyber-criminal space, cyber attacks are becoming more complex, creative, and tailored to the industries and organizations they target. To pull off a successful attack, cyber criminals must research, prepare and seek out information on their targets.

When President Trump recognized Jerusalem as the capital of Israel last week, many feared that his announcement would lead to widespread violence and instability across the Middle East.  The Arab League warned that, even though his decision “has no legal effect, (it) deepens tension, ignites...