Cybercriminals// Malicious Actors | Intel 471

A look at ‘Tinker,’ Black Basta’s phishing fixer, negotiator
Cybercriminals// Malicious Actors// Jun 18, 2025

The leader of the Black Basta ransomware group employed a trusted, experienced cybercrime actor nicknamed Tinker, whom he relied on for phishing content, call center management and negotiation skills.

DanaBot malware disrupted, threat actors named
Cybercriminals// Malicious Actors// May 22, 2025

The DanaBot malware was severely disrupted by law enforcement. Here's an in-depth look at this data-stealing workhorse for the cybercriminal underground.

How an alleged Russian hacker slipped away
Cybercriminals// Malicious Actors// May 15, 2025

Russian man Andrei Tarasov was indicted on cybercrime charges related to the Angler exploit kit. He was arrested in Germany but slipped away to Russia — despite his anti-Russian views.

LabHost: A defunct but potent phishing service
Cybercriminals// Malicious Actors// Apr 16, 2025

The administrator of LabHost, a phishing-as-a-service (PhaaS) offering, was sentenced to 8 1/2 years in prison. Here's why PhaaS services are making it more difficult for defenders to prevent account takeovers and fraud.

An in-depth look at Black Basta's TTPs
Cybercriminals// Malicious Actors// Apr 02, 2025

The Black Basta group constantly sought new malware and methods to infiltrate systems with ransomware. Here's a look at those tactics as drawn from a large leak of the group's chat messages.

Zservers: Bulletproof hosting for online crime
Cybercriminals// Malicious Actors// Mar 11, 2025

Russia-based bulletproof hosting service Zservers was exposed and hit with sanctions. But there are signs it may not have been permanently disrupted.

Black Basta exposed: A look at a cybercrime data leak
Cybercriminals// Malicious Actors// Feb 28, 2025

Black Basta suffered a leak of 197,000 internal chat messages, which has exposed critical details about how this damaging ransomware gang operated, including how its top member claims to have eluded law enforcement.

The evolution of Russian cybercrime
Cybercriminals// Malicious Actors// Feb 26, 2025

In this Studio 471, Roman Sannikov, Founder of Constellation Cyber, shares his insight into the Russian cybercriminal landscape, the evolution of online crime and what lies ahead with ransomware.

Threat hunting case study: SocGholish
Cybercriminals// Malicious Actors// Feb 13, 2025

SocGholish is a malware campaign that spreads via hacked web pages. This is a guide for how to detect infections by searching in SIEMs and logging systems for attacker behaviors.

Law enforcement hammered cybercrime in 2024. Is it working?
Cybercriminals// Malicious Actors// Feb 04, 2025

In 2024, authorities took aim at ransomware gangs, malware developers, cybercriminal infrastructure and cryptocurrency thieves. Here's a look at the effects of these operations.

Featured Resource
AresLoader is a new loader malware-as-a-service (MaaS) offered by threat actors with links to Russian hacktivism that was spotted recently in the wild.