Resources - Resources

The first stage of an active cyberattack is initial access, which establishes an “initial foothold within a network.” This step is difficult to perform, and therefore many aspiring attackers can purchase network access from threat actors with specialized skills.

This report examines dark web financial fraud activity that took place in the deep and dark web during the first six months of 2022.

A newly formed Russian-Chinese ransomware-forum alliance has some cyber specialists alarmed about the threats such a collaboration might pose to the rest of the world.

Join Cybersixgill and featured guest Forrester for a webinar breaking down the results of the commissioned study, The Total Economic Impact™ of Cybersixgill.

This report examines cybercriminal activity that took place in the deep and dark web during 2021.

Attend this webinar to learn how advanced analytics and machine learning can power threat intelligence, and enable threat researchers to conduct qualified and detailed threat assessments that can help keep your business secure

This report analyzes the incidents of financial fraud on the underground throughout the final six months of 2021.

Discover how to defend against the five most pernicious cyber risks using threat intelligence from the deep and dark web.

Learn how Cybersixgill’s cyber threat intelligence solutions can accelerate your organization’s advancement through each phase of cybersecurity readiness.

Learn how Radware’s security team leveraged Cybersixgill’s solutions to streamline their threat intelligence analysis process and accelerate time-to-intel.

Learn how CyberProof enhanced and accelerated their investigations into threats & vulnerabilities through access to the largest collection of threat intel from the deep & dark web.

Read The Total Economic Impact™ of Cybersixgill study to discover the potential return on investment (ROI) enterprises may realize by deploying our threat intelligence products.

Discover the technical knowledge needed to transform investigations with the Cybersixgill API and Investigative Portal.

This report analyzes the digital footprints left by threat actors on underground forums, uncovering the myriad factors that influence dark web activity.

Discover Seven Strategies for Researching the Deep and Dark Web in the Ultimate Guide to Dark Web Research – Part 2

Discover how to boost your cybersecurity program by uncovering relevant, timely, and actionable insights with dark web Threat Intelligence.

This report analyzes the incidents of financial fraud on the underground throughout the first six months of 2021.

This report analyzes ToxicEye, a Remote Access Trojan (RAT) leveraging the Telegram messaging platform as a command-and-control infrastructure through which to target compromised devices for ransomware attacks.

We talked with American CISOs from organizations of various sizes and industries to offer a sneak-peek into the minds of these execs and gain perspective, insight and inspiration to drive change in your organizations cyber operations.

Learn about the underground’s reaction to CVE announcements, the popularity of CVE scanning tools and the correlation between CVSS scoring and underground chatter.

Just how many Netflix & Disney+ accounts were distributed on the deep and dark web in 2020 through Q1 2021? Find out the trends in terms of numbers and top account-types.

This report uncovers the emerging trend of hardware spoofing tools (HWID) on the underground, aiding gamers evade anti-cheating software and guarantee a competitive edge in an industry with vast potential for monetary gain.

Learn how to tackle the top 5 challenges every CISO faces in their career. Effectively manage the huge amount of data points, accelerate threat detection and response by implementing a continuous, fast, iterative, and smart methodology.

To tap the dark web’s potential as a valuable cyber threat intel source, you need to know the terminology and slang terms that threat actors use.

By accessing SMS messages, attackers can reset account passwords, bypass security and gain access to sensitive information. This report shines a light on the full menu of exploits and how to protect yourself from SMS hackers.

This threat report analyzes one of the most widely shared cracking tools on the deep and dark web: OpenBullet.

The 2021 SANS Cyber Threat Intelligence (CTI) Survey, sponsored by Cybersixgill, shows the impact of COVID-19 on cyber threat intel.

This report examines dark web activity that took place in the deep and dark web during 2020.

This report examines financial fraud activity that took place in the deep and dark web during the last six months of 2020 (H2 – 2020). During this period, 45,033,323 compromised cards were offered for sale in credit card markets monitored by Cybersixgill.

This threat report analyzes dark web discourse around the energy sector to understand the impact of dark web threats on cyberattacks targeting the industry.

Learn how to perform an effective threat hunt with our step-by-step guide and take a proactive approach to cybersecurity.

This threat report analyzes five popular underground forums, from inception to the end of 2020, to help understand a dark web forum’s lifecycle and internal dynamics.

Learn how to identify your organization’s maturity level and take the right actions in order to level-up threat intelligence operations.

Join Jon Oltsik, Senior Principal Analyst from ESG, and Omer Carmi, VP of Intelligence at Sixgill as they discuss the common challenges organizations encounter in their cyber-risk and threat management and creating the right mix of threat intelligence people, processes, and technologies.

As eCommerce sees growth during the COVID-19 pandemic, the fraud phenomenon of refunding has similarly boomed. This report examines underground discourse of “refunding” trends, tactics and procedures (TTPs).

A new report from ESG explains why today’s threat intelligence teams struggle to keep up with the threats they face and how can Cybersixgill can help.

As the world races towards a coronavirus vaccine, the healthcare industry has remained a focal point for cybercriminals. This report investigates why the industry is frequently targeted, and why it remains vulnerable.

With the imminent US presidential elections gripping both American and global discourse, this report explores how Decision 2020 is playing out on the deep and dark web.

This report highlights some of the most popular education topics among threat actors in the underground and recommendations that can help prevent cyberattacks.

This report examines the economic and the personal motivations that drive abuse of social media platforms on the dark web.

Though mentions of payment platforms were already on the rise, they spiked tremendously during lockdowns. This report focuses on trends and shows examples of how payment apps provide critical infrastructure in dark web financial crime.

We took a sample of 15,000 of Darkfeed’s IOCs and compared that sample with IOCs from more than 40 leading antivirus providers to see what portion of our IOCs were also identified by their systems.

Citing data and specific examples of underground conversations, our latest threat report illustrates why the risk of gaming-related fraud is so serious.

Join technological leaders JR Reicherts of K&U, and Sumukh Tendulkar of Cybersixgill, to learn how to leverage the strengths and capabilities of Cybersixgill Darkfeed and King & Union Avalon in order to accelerate time-to-intel and improve cyber collaboration.

This report examines financial fraud activity that took place in the deep and dark web during the last six months of 2020 (H1 – 2020), with 45,130,117 compromised cards offered for sale in credit card markets monitored by Cybersixgill.

Download this report to learn how the danger posed by compromised RDP servers has changed recently in light of the coronavirus outbreak, as well as practical steps you can take to stay safe.

Leading cyber threat intelligence analysts share their tips and best practices for success in today’s cyber environment in this 7-step guide.

As employees working from home implement a variety of connected devices, the potential attack surface becomes larger, with more endpoints attempting to reach company networks.

This webinar discusses how Cybersixgill Darkfeed automatically collects malicious IOCs from the deep and dark web and provides ThreatConnect users with actionable insights, to proactively block threats before they are deployed.

To learn how Cybersixgill’s investigative portal leverages the dark web to give you the insights you need to protect your business’ critical assets, download this whitepaper by information security expert David Strom.

With digital cooperation becoming quickly the new normal for threat actors, and as crime is switching from street corners to the dark alleys of the web, the underground economy is booming.

The forums of the gaming hacks and Twitch exploits analyzed in this report contain hundreds of thousands of posts referencing carding/fraud techniques and credit card data for sale.

Join us to explore how Cybersixgill and Cortex XSOAR (previously Demisto) are enabling customers to scale and accelerate their incident prevention and response by combining deep and dark web intelligence with automation.

Narrowing in on the dark web drug economy reveals a microcosm of how illicit economies adapt to such crises, showcasing the unique rule of the internet in providing flexibility and resilience to illicit activities.

Multiple news sources have noted that the stimulus checks and the forgivable loans made under the Paycheck Protection Program (PPP) from the U.S. government were attractive targets for a myriad of fraud schemes.

At the end of 2019, account takeover (ATO) fraud accounted for 16% of fraud-related losses. The dark web provides fraudsters with intelligence that enables them to infiltrate your customers’ accounts without raising any suspicions.

This webinar reveals insights and details about how fraudsters are leveraging the dark web marketplaces and the processes by which online criminals are monetizing these types of attacks.

With millions of people now working from home, the use of video conferencing apps such as Zoom has skyrocketed, creating an opening for hackers to take advantage of the many new users unfamiliar with the technology.

While the majority of discourse surrounding COVID-19 is informational, there is a troubling rise in malicious intent, as threat actors seek to monetize this crisis through a variety of illegal methods.

We noted interesting patterns of discourse in secure messaging apps, such as Telegram, QQ, and Discord, as well as a spike in discourse on deep and dark web forums surrounding COVID-19.

During the last six months of 2019 (H2-2019), 76,230,127 compromised cards were offered for sale by threat actors in illegal credit card markets monitored by Cybersixgill, compared to 23,319,709 cards offered in H1-2019.

As the holiday shopping frenzy officially begins, many consumers will turn to e-commerce stores to make their purchases, giving threat actors an opportunity to capitalize on this increased spending for their own gain.

SIM swapping is a form of identity theft through social engineering, allowing the attacker to take control of any account that uses an SMS/call to authenticate login or rest passwords.

Sixgill has identified many autoclickers distributed on the underground, including some that employ sophisticated methods to mimic human actions and bypass antivirus software.

Credit card sniffers are relatively few lines of malicious code that are injected into payment pages of e-commerce sites and are very difficult to detect, causing e-commerce clients to unknowingly be victimized.

In the first six months of 2019, 23,319,701 compromised credit cards were offered for sale in the underground deep and dark web stolen credit card markets monitored by Cybersixgill.

CVEs (Common Vulnerabilities and Exposures) are lists of publicly available vulnerabilities and exposures related to software and hardware.

Cybercriminals dedicated to the practice of carding have proven their resiliency over the years, developing new techniques to successfully circumvent the continuously evolving anti-fraud measures deployed by financing and retail industries.

With more than 125 million players and revenues of over 300 million dollars every month, “Fortnite” has rocketed to the top of the online gaming industry, resulting in a thriving criminal eco-system around the game.

Learn how security teams harness the powers of Cybersixgill Portal and Darkfeed and to instantly reduce incident response time and accelerate detection.

Learn how security teams now leverage Cybersixgill to extend the use cases for fraud-related threats, maximizing Cortex XSOAR effectiveness.