AI in Security Systems

Chinese State-Sponsored RedJuliett Intensifies Taiwanese Cyber Espionage via Network Perimeter Exploitation

From November 2023 to April 2024, Insikt Group identified cyber-espionage activities conducted by RedJuliett, a likely Chinese state-sponsored group, primarily targeting government, academic, technology, and diplomatic organizations in Taiwan. RedJuliett exploited known vulnerabilities in network edge devices such as firewalls, virtual private networks (VPNs), and load balancers for initial access. The group likely operates …

What Is Open Source Intelligence (OSINT)?

Open Source Intelligence (OSINT) is the practice of gathering, analyzing, and disseminating information from publicly available sources to address specific intelligence requirements. Of all the threat intelligence subtypes, open source intelligence (OSINT) is perhaps the most widely used, which makes sense. After all, it’s mostly free, and who can say no to that? Unfortunately, …

5 Threat Intelligence Use Cases and Examples

Cyber threats are becoming increasingly sophisticated and frequent, making it imperative for organizations to leverage cyber threat intelligence to stay ahead of potential cyber attacks. Organizations across all industries are recognizing the importance of implementing robust threat intelligence solutions to stay ahead of cybercriminals and protect their valuable assets. The Role of Threat Intelligence …

How Threat Volume and Velocity Shape Cyber Risk Narratives for Governance Bodies

Editor’s note: The following blog post originally appeared on Levi Gundert’s Substack page. Developing stories that instill confidence in governance bodies (GBs) is prominent in many CISO discussions – but not all stories carry the same value. I was recently in Singapore, engaging in a fireside chat with the esteemed John Yong. John, a …

Predator Spyware Infrastructure Resurfaces Post-Sanctions – What You Need to Know

Following exposure and sanctions by the US government, Intellexa’s Predator spyware activity appeared to decline. However, recent findings by Insikt Group reveal that Predator’s infrastructure is back with modifications to evade detection and anonymize users. This resurgence highlights Predator’s ongoing use by customers in countries such as the Democratic Republic of the Congo (DRC) …

Strengthening Cyber Resilience in the EU

Globally, regulations and directives are significantly altering the way organizations address cyber resilience, emphasizing the necessity for a more proactive stance. This is evident in both the Digital Operational Resilience Act (DORA) and the second version of the Network and Information Systems Directive (NIS2). What is DORA? DORA establishes technical standards for EU member …

Key Findings & Mitigation Strategies

The rise of deepfakes poses significant threats to elections, public figures, and the media. Recent Insikt Group research highlights 82 deepfakes targeting public figures in 38 countries between July 2023 and July 2024. Deepfakes aimed at financial gain, election manipulation, character assassination, and spreading non-consensual pornography are on the rise. To counter these risks, …

How Advanced Threat Intelligence Shields Critical Infrastructure from Ransomware

Summary: Rhysida ransomware, first active in early 2023, employs multi-tiered infrastructure and CleanUpLoader for post-exploitation activities. Using Recorded Future’s Network Intelligence, Insikt Group identified Rhysida victims an average of 30 days before they appeared on public extortion sites, offering a critical window to prevent ransomware deployment and mitigate damage. The infrastructure includes typosquatted domains, SEO …

The Resilience Dilemma

Editor’s note: The following blog post originally appeared on Levi Gundert’s Substack page. “Riz” was Oxford’s 2023 word of the year. For the uninitiated, riz roughly translates to charisma (if you have a young teenager at home, ask them for a definition of “rizzler” and enjoy the confused expression resulting from your breach of …

Operation Overload Impersonates Media to Influence 2024 US Election

Summary: Operation Overload, a Russia-aligned influence operation, is aggressively targeting the 2024 US presidential election. Using fake news, fact-checking sites, and AI-generated audio, it seeks to manipulate public opinion by impersonating trusted media organizations. This campaign primarily targets media outlets, fact-checkers, and researchers, aiming to overwhelm investigative resources and insert false narratives into mainstream …