Category Archives: Uncategorized

Exposing Ransomware Through Stylometric Analysis: A Deep Dive into Shadow, 8BASE, and Rancoz

I recently came across a cool GitHub repo from Zscaler’s ThreatLabz team (see here) which contains a whole array of ransom notes from known and new ransomware families. I imagine that Zscaler has some sort of malware hunting capability (potentially LiveHunt YARA rules in VirusTotal) and they manually check for ransom notes uploaded to VT containing […]

Writing Hacker Fiction With Help From AI

I wanted to do something a bit different and fun, so I created a new site, hackerfiction.medium.com, with one purpose: telling fictional short stories about hacking using AI. I’ve explained why and how I’m doing this in my Introduction blog, which I recommend checking out first. Ultimately, I made these stories for me. But I think others may enjoy […]

Hacktivists: Deceptive and Incompetent

Welcome to the realm of hacktivism, where technology meets activism. Verifying and investigating hacktivist claims is often a challenging, time-consuming task. The sheer volume of assertions made by various hacktivist groups and individuals can be overwhelming, especially when multiple events unfold simultaneously. This environment can strain resources needed for thorough fact-checking. Hacktivist activities often include […]

Tracking Threat Actors: Scattered Spider, Affiliate of BlackCat

After monitoring the cybercrime threat landscape daily for over four years, it’s rare for something to truly surprise me. However, the recent trend of a suspected English-speaking cybercriminal group—referred to as Scattered Spider by CrowdStrike or 0ktapus by Group-IB—partnering with the Russian-speaking ransomware group BlackCat (also known as ALPHV) has certainly piqued my interest. Background on […]