Zservers: Bulletproof hosting for online crime
Russia-based bulletproof hosting service Zservers was exposed and hit with sanctions. But there are signs it may not have been permanently disrupted.
Black Basta exposed: A look at a cybercrime data leak
Black Basta suffered a leak of 197,000 internal chat messages, which has exposed critical details about how this damaging ransomware gang operated, including how its top member claims to have eluded law enforcement.
The evolution of Russian cybercrime
In this Studio 471, Roman Sannikov, Founder of Constellation Cyber, shares his insight into the Russian cybercriminal landscape, the evolution of online crime and what lies ahead with ransomware.
Threat hunting case study: SocGholish
SocGholish is a malware campaign that spreads via hacked web pages. This is a guide to detecting infections by searching SIEMs and logging systems for attacker behaviors.
Law enforcement hammered cybercrime in 2024. Is it working?
In 2024, authorities took aim at ransomware gangs, malware developers, cybercriminal infrastructure and cryptocurrency thieves. Here's a look at the effects of these operations.

How ransomware may trend in 2025
New variants and threat actor groups kept up the tempo of ransomware attacks in 2024. Here's a look at how this type of pervasive cybercrime may trend this year.

Holiday Season Cyber Threats (Part 2): Ransomware, Gift Cards, and Point-of-Sale breaches
The surge in online shopping and travel bookings during the holiday season offers rich pickings for cybercriminals. Black Friday, Cyber Monday, Christmas shopping, and increased travel throughout December offer ample opportun...

Cybercrime Exposed Podcast: Raccoon Stealer
Information stealing malware is one of the most common ways that organizations end up infiltrated by malicious hackers. For several years, one type of infostealer called Raccoon Stealer ruled them all.

A Look at Trending Chinese APT Techniques
Cyber capabilities play a key role in achieving China’s strategic goals. Here's a look at significant state-sponsored actors, which are adopting stealthy techniques to avoid their campaigns being linked to Beijing.

How to Defend Against Alleged Snowflake Attacker ‘Judische’
The threat actor behind the compromise of more than 165 organizations using Snowflake credentials stolen by infostealers has reportedly been detained. Here's a profile of the Com-related threat actor "Judische."...