Articles about Threat intelligence

New analysis of illicit dark web marketplaces where cybercriminals buy and sell access to corporate networks uncovers new insights into how initial access to compromised businesses is being sold -- often for less than $1,000 -- and the steps defenders can take to disrupt the process in its earliest stages.

Rapid7’s threat intelligence researchers analyzed hundreds of posts by Initial Access Brokers (IABs) offering access to compromised networks across a range of industries and regions. Their findings show that ‘initial’ access doesn’t necessarily equate to minimal; in many cases, this access represents a deep compromise.

Continue reading →

While 92 percent of respondents to a new survey say collaboration and information sharing are either 'absolutely crucial' or 'very important' in the fight against cyber threats, the results tell a different story when it comes to the adoption of this practice.

The study from Cyware, conducted among cybersecurity professionals at the RSA Conference 2025, finds only 13 percent say their current automation between cyber threat intelligence (CTI) and SecOps tools is working well. Nearly 40 percent day they struggle to coordinate data across critical security tools like Threat Intelligence Platforms (TIPs), SIEMs, and vulnerability management platforms.

Continue reading →

Google is once again leaning into its Gemini brand, this time with a focus on cybersecurity. You see, the search giant has announced Sec-Gemini v1, an experimental new AI model. It is designed to help security professionals fight back against cyber threats using real-time data and advanced reasoning. Because AI makes everything better, right?

Look, folks, attackers only need to get lucky once, while defenders have to be right every time. That unfortunate imbalance has made cybersecurity a nightmare for many organizations. Google is hoping AI might change that, giving defenders a slight edge.

Continue reading →

New research from the eSentire Threat Response Unit (TRU) shows a shift towards browser-based threats last year as more traditional email malware declines.

Moving onto 2025 the report predicts an increase in politically motivated cyberattacks, with adversaries disrupting the physical infrastructure of the Internet to disrupt internet access. It also expects we’ll see continued growth in ransomware attacks against all industries, abuse of certificate authority, and further increase in browser-based threats to deploy malware.

Continue reading →

Cyber threats are becoming more complex and it can be difficult for defenders to see the big picture and make decisions accordingly.

Now though help is at hand as ImmuniWeb is launching a free online tool making historical data on the security of internet-accessible resources available to the global cybersecurity community, educational institutions, government agencies, and even individual researchers.

Continue reading →

Threat intelligence is critical to protection efforts, but businesses often struggle with effective management and correlation of this data to help prioritize their efforts.

We spoke to Richard Struse, chief technology officer and co-founder of Tidal Cyber, to discuss the challenges presented when organizations scramble to update systems that aren’t actually vulnerable or stop threats that would essentially have no impact on their business.

Continue reading →

It might surprise you to know that more than 70 new vulnerabilities are published every day. And despite their risk-reducing value in helping SOC teams address these, vulnerability management solutions have drawbacks. Often, they only provide a snapshot of an organization’s vulnerabilities at a point in time. In fact, owing to their nature, vulnerabilities identified today may not exist tomorrow, or they may appear and disappear intermittently. This leaves security teams scrambling to understand not only what the risk is, but how it affects them and where they should start first with any remediation.

Often vulnerability management solutions struggle to support SOC teams effectively, meaning they face an uphill battle with fragmented tools and data silos. This in turn creates major challenges around alert fatigue and overloaded SOC teams who, despite all the tools available to them, end up undertaking manual investigations to determine the best response.

Continue reading →