threat-intelligence

Ransomware Is Getting Less Profitable and More Prolific

John Z Black Mar 17, 2026

Threat Intelligence #ransomware #mandiant #threat-intelligence #qilin #akira #wef #enterprise-risk

Mandiant's latest report shows ransomware payments declining while victim counts hit record highs. The ecosystem isn't dying. It's fragmenting faster than defenders can track.

Two Spy Campaigns, Two Completely Different Playbooks

John Z Black Mar 16, 2026

Threat Intelligence #espionage #apt #china #russia #signal #asean #military #threat-intelligence

A Chinese APT has been sitting inside Southeast Asian military networks for six years. Meanwhile, Russian hackers are stealing Signal accounts with fake support messages. Same goal, wildly different approaches.

Iran Hit a Medical Device Giant, a NATO Parliament, and Your Instagram Feed on the Same Day

John Z Black Mar 12, 2026

Threat Intelligence #iran #handala #stryker #wiper-attack #critical-infrastructure #influence-operations #nato #threat-intelligence

March 11 wasn't three separate cyberattacks. It was one coordinated Iranian campaign across three fronts: a wiper on Stryker, a breach of Albania's parliament, and an influence op on Instagram. All in 24 hours.

APT28's Covenant Trick and North Korea's AirDrop Hack: How Nation-States Borrow Their Tools

John Z Black Mar 11, 2026

Threat Intelligence #apt28 #north-korea #nation-state #covenant #airdrop #threat-intelligence

Russia's APT28 hijacked an open-source red-team tool to hit Ukraine. North Korea's UNC4899 used Apple AirDrop to break into a crypto firm. Both attacks exploit the trust we put in legit software.