We’ve analyzed 2,500 startups to identify the fastest-growing companies in search over the last year. 2024 was an especially challenging year for startups. Investors exerted extra caution in the face of inflation and rising interest rates, leading to a 26% decline in funding compared to 2023. But it wasn’t all doom and gloom. Sectors like AI and … Read more
Not another password change! Isn’t one (1) extra-long password enough? As a former Incident Response, Identity and Access Control, and Education and Awareness guru, I can attest that password security and complexity requirement discussions occur frequently during National Institute of Standards and Technology (NIST) assessments. Access Control is typically a top finding in most organizations, … Read more
From November 2023 to April 2024, Insikt Group identified cyber-espionage activities conducted by RedJuliett, a likely Chinese state-sponsored group, primarily targeting government, academic, technology, and diplomatic organizations in Taiwan. RedJuliett exploited known vulnerabilities in network edge devices such as firewalls, virtual private networks (VPNs), and load balancers for initial access. The group likely operates from … Read more
Open Source Intelligence (OSINT) is the practice of gathering, analyzing, and disseminating information from publicly available sources to address specific intelligence requirements. Of all the threat intelligence subtypes, open source intelligence (OSINT) is perhaps the most widely used, which makes sense. After all, it’s mostly free, and who can say no to that? Unfortunately, much … Read more
Cyber threats are becoming increasingly sophisticated and frequent, making it imperative for organizations to leverage cyber threat intelligence to stay ahead of potential cyber attacks. Organizations across all industries are recognizing the importance of implementing robust threat intelligence solutions to stay ahead of cybercriminals and protect their valuable assets. The Role of Threat Intelligence Organizations … Read more
Editor’s note: The following blog post originally appeared on Levi Gundert’s Substack page. Developing stories that instill confidence in governance bodies (GBs) is prominent in many CISO discussions – but not all stories carry the same value. I was recently in Singapore, engaging in a fireside chat with the esteemed John Yong. John, a seasoned … Read more
Following exposure and sanctions by the US government, Intellexa’s Predator spyware activity appeared to decline. However, recent findings by Insikt Group reveal that Predator’s infrastructure is back with modifications to evade detection and anonymize users. This resurgence highlights Predator’s ongoing use by customers in countries such as the Democratic Republic of the Congo (DRC) and … Read more
Globally, regulations and directives are significantly altering the way organizations address cyber resilience, emphasizing the necessity for a more proactive stance. This is evident in both the Digital Operational Resilience Act (DORA) and the second version of the Network and Information Systems Directive (NIS2). What is DORA? DORA establishes technical standards for EU member states … Read more
The rise of deepfakes poses significant threats to elections, public figures, and the media. Recent Insikt Group research highlights 82 deepfakes targeting public figures in 38 countries between July 2023 and July 2024. Deepfakes aimed at financial gain, election manipulation, character assassination, and spreading non-consensual pornography are on the rise. To counter these risks, organizations … Read more
Summary Rhysida ransomware, first active in early 2023, employs multi-tiered infrastructure and CleanUpLoader for post-exploitation activities. UsingRecorded Future’s Network Intelligence, Insikt Group identified Rhysida victims an average of 30 days before they appeared on public extortion sites, offering a critical window to prevent ransomware deployment and mitigate damage. The infrastructure includes typosquatted domains, SEO poisoning, … Read more
