-
Jun 5th, 2025
From Intelligence to Business Impact: 2025 SANS CTI Survey + How ThreatConnect Helps
The 2025 SANS Cyber Threat Intelligence (CTI) Survey reveals a maturing discipline facing persistent challenges: lack of process formalization, difficulty proving ROI, and an urgent need to communicat
-
May 18th, 2021
Biden Executive Order on Cybersecurity Aligns With Risk, Threat, Response Approach
Amid the lingering shadow of the Colonial Pipeline ransomware attack, President Biden signed an executive order last week that outlines “bold changes” that overall take a risk-led approach to cybe
-
Jan 27th, 2021
CrimsonIAS: Listening for an 3v1l User
Executive Summary CrimsonIAS is a Delphi-written backdoor dating back to at least 2017 that enables operators to run command line tools, exfiltrate files, and upload files to the infected machine. Cri
-
Oct 26th, 2020
ThreatConnect Research Roundup: Ryuk and Domains Spoofing ESET and Microsoft
Howdy, and welcome to the ThreatConnect Research Roundup, a collection of recent findings by our Research Team and items from open source publications that have resulted in Observations of related ind
-
Oct 2nd, 2020
Research Roundup: Kimsuky Phishing Operations Putting in Work
Howdy, and welcome to the ThreatConnect Research Roundup, a collection of recent findings by our Research Team and items from open source publications that have resulted in Observations of related ind
-
Sep 28th, 2020
Kimsuky Phishing Operations Putting In Work
Executive Summary Recently, an international NGO that provides threat sharing and analysis support to frequently targeted communities reached out to ThreatConnect wanting to learn more about the origi
-
Sep 25th, 2020
Research Roundup: APT39 Adversaries
Howdy, and welcome to the ThreatConnect Research Roundup, a collection of recent findings by our Research Team and items from open source publications that have resulted in Observations of related ind
-
Sep 3rd, 2020
Research Roundup: Mustang Panda and RedDelta PlugX Using Same C2
Howdy, and welcome to the ThreatConnect Research Roundup, a collection of recent findings by our Research Team and items from open source publications that have resulted in Observations of related ind
-
Aug 27th, 2020
Research Roundup: FBI/NSA Fancy Bear Report Followup
Howdy, and welcome to the ThreatConnect Research Roundup, a collection of recent findings by our Research Team and items from open source publications that have resulted in Observations of related ind
-
Aug 13th, 2020
Research Roundup: Suspicious Domain Redirects to Google Account Security Page
Howdy, and welcome to the ThreatConnect Research Roundup, a collection of recent findings by our Research Team and items from open source publications that have resulted in Observations of related ind
-
Jul 31st, 2020
Research Roundup: Mustang Panda and Fancy Bear
Howdy, and welcome to the ThreatConnect Research Roundup, a collection of recent findings by our Research Team and items from open source publications that have resulted in Observations of related ind
-
Jul 23rd, 2020
Research Roundup: Mustang Panda PlugX Variant Samples and Decryption Script
Howdy, and welcome to the ThreatConnect Research Roundup, a collection of recent findings by our Research Team and items from open source publications that have resulted in Observations of related ind
Dataminr to Acquire ThreatConnect
Joining Forces with Dataminr to Accelerate Threat and Risk‑Informed Defense