Read insights, thought leadership, and platform updates.

APT28 is a Russian state-sponsored threat actor with a long history of sophisticated cyber operations targeting governments, defense contractors, and critical infrastructure sectors across the globe. According to a  CISA advisory released on May 21, 2025  this group has been exploiting known vulnerabilities in routers and other network devices to gain persistent access to sensitive […]

In today’s dynamic cyber landscape, organizations face an evolving array of threats and vulnerabilities that challenge their resilience. Whether it’s defending against ransomware attacks, identifying critical vulnerabilities (e.g. CVE-2023-23397), or responding to adversaries’ rapidly changing tactics, being able to measure and understand risk is integral to staying ahead of potential threats. And when it comes […]

The Advanced Persistent Talent series profiles ThreatConnect employees and explores how their work impacts products and offerings, how they got here, and their views on the industry at large. Want to know more about a particular team? Let us know! Good threat intelligence analysts have one trait in common: A persistent drive to learn, an […]

Many financial institutions face a constant influx of data from IOCs, open-source feeds, and internal sources that makes it difficult to consolidate and automate intelligence into actionable insights.  Without a unified approach to threat intelligence, however, teams can miss critical threats and waste valuable resources on false positives. This is especially risky in a threat […]

Earlier this year, the Trump administration signed an executive order dictating that state and local governments should play a more significant role in national resilience and preparedness—including for cyber attacks.  State and local agencies are the frontline of defense for much of the critical infrastructure that underlies our daily lives, such as our utilities, healthcare […]

Famous Chollima is a North Korean state-sponsored cyber threat actor tracked as active since at least 2018. Their primary objective is to infiltrate organizations by posing as legitimate remote IT workers, thereby generating income for the North Korean regime and conducting cyber espionage activities. They are also known by aliases such as: NickelTapestry PurpleBravo TenaciousPungsan […]

Security teams need relevant threat intelligence delivered efficiently, with the context necessary to investigate and act. The new Feedly Threat Intelligence and ThreatConnect TI Op integration makes it easier to collect, enrich, and prioritize cybersecurity intelligence — helping analysts reduce noise and focus on what matters. Through this integration, Feedly’s AI-driven threat data is converted […]

Ancient wisdom tells us that we must learn from the past to better adapt to what lies ahead. To survive and thrive in the future threat landscape, we must discard artifacts of the past and embrace a more evolved future. That’s why at RSAC this year, the ThreatConnect team opened the ThreatConnect Museum of Cyber […]

Cyber threats are growing in volume, complexity, and cost. Yet many organizations still struggle with disjointed workflows, alert overload, and outdated processes that prevent security teams from responding effectively. That’s where ThreatConnect comes in. ThreatConnect helps organizations shift from simply managing threat intel to truly operationalizing it—so they can move faster, reduce risk, and scale […]

VanHelsingRaaS is a reemerging ransomware-as-a-service variant. First used years ago by the likes of UNC4841, it resurfaced in March of 2025 and has been observed to be affecting multiple industry verticals. (See: The Hacker News) The VanHelsing Ransomware Threat Dashboard in ThreatConnect provides security teams with real-time intelligence on the VanHelsingRaaS. This dashboard aggregates data from […]

By now, you’ve probably purchased your passes. Your flight is booked. Your supply of business cards sits at the ready.  What more is there to do in preparation for RSAC 2025, taking place from April 28 to May 1 at the Moscone Center in San Francisco? Possibly quite a lot! That’s because when it comes […]

The Advanced Persistent Talent series profiles ThreatConnect employees and explores how their work impacts products and offerings, how they got here, and their views on the industry at large. Want to know more about a particular team? Let us know! Bayesian analysis is a statistical method where you start with a “prior belief” about something, […]