Threat Intel – Noise

From Ideology to Financial Gain: Exploring the Convergence from Hacktivism to Cybercrime

Rapid7 — Tue, 03 Jun 2025 17:00:00 +0000

The lines between ideologically-driven hacktivism and financially motivated cybercriminals are blurring. Some hacktivist groups are evolving into ransomware operations – even becoming ransomware affiliates – merging the disruptive zeal of hacktivism with the ruthless efficiency of cybercrime.

From Noise to Action: Introducing Intelligence Hub

Rapid7 — Wed, 23 Apr 2025 13:00:00 +0000

We are delighted to announce the availability of Intelligence Hub, an evolution in threat intelligence delivery that is designed to provide meaningful context and actionable insights integrated with the Rapid7 Command Platform.

A Bag of RATs: VenomRAT vs. AsyncRAT

Anna Širokova — Thu, 21 Nov 2024 17:19:50 +0000

Remote access tools (RATs) have long been a favorite tool for cyber attackers, since they enable remote control over compromised systems and facilitate data theft, espionage, and continuous monitoring of victims. Among the well-known RATs are VenomRAT and AsyncRAT.

LodaRAT: Established malware, new victim patterns

Natalie Zargarov — Tue, 12 Nov 2024 14:00:00 +0000

Rapid7 has observed an ongoing malware campaign involving a new version of LodaRAT. This version possesses the ability to steal cookies and passwords from Microsoft Edge and Brave.

The Japanese Technology and Media Attack Landscape

Tom Caiazza — Wed, 19 Jul 2023 17:41:59 +0000

Recently, we released a major report analyzing the threat landscape of Japan, the globe’s third largest economy. In that report we looked at the ways in which threat actors infiltrate Japanese companies (spoiler alert: it is often through foreign subsidiaries and affiliates) and some of the most pervasive threats

The Japanese Threat Landscape: A Report on Cyber Threats in the Third Largest Economy on Earth

Tom Caiazza — Wed, 28 Jun 2023 12:00:00 +0000

In this new report, Rapid7 analyzes Japan’s threat landscape and some of the largest cyber concerns affecting Japanese organizations.

Rapid7 Threat Command Delivered 311% ROI: 2023 Forrester Consulting Total Economic Impact™ Study

Stacy Moran — Wed, 15 Mar 2023 15:41:54 +0000

Security decision-makers are more concerned about external attacks than any other attack vector, according to the new Forrester Consulting study commissioned by Rapid7.

Year in Review: Rapid7 Threat Intelligence

Stacy Moran — Tue, 31 Jan 2023 17:05:45 +0000

As we forge into 2023, Rapid7 Threat Intelligence remains laser-focused and committed to addressing the critical needs of security teams.

One Year After IntSights Acquisition, Threat Intel’s Value Is Clear

Stacy Moran — Thu, 22 Sep 2022 14:53:57 +0000

After the one-year milestone of Rapid7’s acquisition of IntSights, the added value threat intelligence brings to our product portfolio is unmistakable.

Network Access for Sale: Protect Your Organization Against This Growing Threat

Jeremy Makowski — Mon, 22 Aug 2022 14:56:10 +0000

Vulnerable network access points are a potential gold mine for threat actors. We look at the techniques they use and best practices for prevention.

360-Degree XDR and Attack Surface Coverage With Rapid7

Margaret Wei — Thu, 18 Aug 2022 15:00:27 +0000

Leverage InsightIDR, Threat Command, and InsightConnect to unlock a complete view of your attack surface with unmatched signal to noise.

To Maze and Beyond: How the Ransomware Double Extortion Space Has Evolved

Tom Caiazza — Wed, 27 Jul 2022 18:00:00 +0000

Our research shows the "market share" of ransomware groups and how much they focused on different types of data.

ISO 27002 Emphasizes Need For Threat Intelligence

Drew Burton — Mon, 25 Jul 2022 17:54:44 +0000

Earlier this year, the International Organization for Standardization (ISO) released ISO 27002, which features a dedicated threat intelligence control.

For Finserv Ransomware Attacks, Obtaining Customer Data Is the Focus

Tom Caiazza — Thu, 07 Jul 2022 14:00:47 +0000

We found customer data in the overwhelming majority of data disclosures from ransomware attacks against the financial services industry.

Two Rapid7 Solutions Take Top Honors at SC Awards Europe

Rapid7 — Thu, 23 Jun 2022 15:10:30 +0000

We are pleased to announce that two Rapid7 solutions were recognized on Tuesday, June 21, at the prestigious SC Awards Europe.

New Report Shows What Data Is Most at Risk to (and Prized by) Ransomware Attackers

Rapid7 — Thu, 16 Jun 2022 13:00:00 +0000

"Pain Points: Ransomware Data Disclosure Trends" reveals a story of how ransomware attackers think, what they value, and how they apply pressure.

MDR Plus Threat Intel: 414 New Detections in 251 Days (You’re Welcome)

Sam Adams — Wed, 06 Apr 2022 13:48:18 +0000

Now, Threat Command’s threat intelligence platform (TIP) content is integrated with our leading detection and response products and services.

Cybercriminals’ Recruiting Effort Highlights Need for Proper User Access Controls

Jeremy Makowski — Tue, 15 Mar 2022 20:10:39 +0000

The Lapsus$ ransomware gang’s modus operandi seems to be evolving.

Russia-Ukraine Cybersecurity Updates

Rapid7 — Fri, 04 Mar 2022 14:30:00 +0000

This ongoing blog provides the need-to-know updates in cybersecurity and threat intelligence relating to the Russia-Ukraine conflict.

The Top 5 Russian Cyber Threat Actors to Watch

Rapid7 — Thu, 03 Mar 2022 22:53:28 +0000

These 5 threat actors are identified by our Threat Intelligence Research team as the most likely (i.e., highest risk) to carry out cyberattacks against European and US companies.