Rencontrons-nous à la Hacker Week à Las Vegas !

Gradient blue background. There is a light orange oval with the white text "BLOG" inside of it. Below it there's white text: "Let's Meet at Hacker Week in Las Vegas!" with a light orange arrow pointing down.

The Flare team will be in Vegas this week for Hacker Week! If you are attending BSides Las Vegas or DEFCON, come meet our team either at the Flare booth or around the venue. There’s a chance to win a free bottle of scotch! BSides Vegas  Booth #9, August 6-7  Come by our booth for […]

ShapeUp at Flare: A Game-Changer for Project Management

Navy background on the left side with the copy in ShapeUp at Flare: A GameChanger for Project Management." On the right is a lighter blue background and graphic of a person's hand pointing at a board and another set of hands holding a tablet.

By Benoit Doyon, Software Development Team Lead I first encountered ShapeUp during one of my initial interviews for a position at Flare. My soon-to-be manager mentioned, “We’re using a methodology that works well for us, but you might not have heard of it before.” With over 10 years of software development experience under my belt, […]

Red Teaming the Modern Attack Landscape

Navy background with lines in the corner with the white text "Red Teaming the Modern Attack Landscape" over it on the left side of the image. To the right is a desktop monitor and a laptop, with 2 peoples' hands pointing at the screens.

In today’s expanded attack surface, new technologies create new opportunities for businesses and malicious actors. Attackers can use the same artificial intelligence (AI) and large language models (LLMs) that companies use, often in the same way. In both cases, these technologies reduce the time spent on repetitive, manual tasks. For example, organizations may use LLMs, […]

Using CTI to Help Predict Vulnerability Exploitability

Gradient blue background. There is a light orange oval with the white text "BLOG" inside of it. Below it there's white text: "Using CTI to Help Predict Vulnerability" with a light orange arrow pointing down.

In a world of increasingly powerful data analytics, security researchers continue to develop new uses for artificial intelligence (AI) and machine learning (ML). In security, predictive analytics offer insight into how a company should prioritize its activities. With more vulnerabilities detected daily, vulnerability management teams become overwhelmed, unable to patch or remediate everything all at […]

AlphaLock, Threat Actor Branding, and the World of Cybercrime Marketing

Gradient blue background. There is a light orange oval with the white text "BLOG" inside of it. Below it there's white text: "AlphaLock, Threat Actor Branding, and the World of Cybercrime Marketing" with a light orange arrow pointing down.

Threat actors are not a monolith in their approach to cybercrime. The popular perception is that threat actors steal information for the sake of it, while knowing and accepting that they are doing something wrong. However, some threat actors also justify their actions by promoting an image that their activity ethically advances the cause of […]

Ransomware in Context: 2024, A Year of Tumultuous Change

Gradient blue background. There is a light orange oval with the white text "BLOG" inside of it. Below it there's white text: "Ransomware in Context: 2024, A Year of Tumultuous Change" with a light orange arrow pointing down.

2024 has started off dramatic shifts in the ransomware landscape. In December of 2023 international law enforcement took down the BlackCat leaks site, leading to the group removing all ethical restrictions for their affiliates and declaring all organizations in Western Europe and the United States viable targets to include nuclear power plants and childrens hospitals. […]

Threat Spotlight: Data Extortion Ransomware Threats

A navy background with the white text "Data Extortion Ransomware Threats"

Over the last few years, the ransomware landscape has changed significantly. Between 2022 and 2023, ransomware attacks increased by more than 100% year-over-year, with more attacks consisting of double and triple extortion. At a high level, the categories of ransomware can be defined as: Modern ransomware attacks are no longer a lone individual sitting at […]

Cyberguerre moderne : attaques DDoS participatives

Fond bleu dégradé. Il y a un ovale orange clair avec le texte blanc « BLOG » à l'intérieur. En dessous, il y a le texte blanc : "Cyberguerre moderne : attaques DDoS participatives". Il y a un texte blanc en dessous qui dit « En savoir plus » avec une flèche orange clair pointant vers le bas.

Over the past few years, politically motivated threat actors have increasingly gone online to find allies for their causes. While ten years ago most hactivism like this was anonymous, modern actors favoring certain political elements or governments leverage a broader ecosystem. Since Distributed Denial of Service (DDoS) attacks require little technical skill, they offer a […]

Exploit Forum - Les courtiers d'accès initiaux dans les États membres de l'OTAN

Fond bleu dégradé. Il y a un ovale orange clair avec le texte blanc « BLOG » à l'intérieur. En dessous, il y a un texte blanc : « Paysage initial des courtiers d'accès dans les États membres de l'OTAN sur le forum Exploit ». Il y a un texte blanc en dessous qui dit « En savoir plus » avec une flèche orange clair pointant vers le bas.

Initial access brokers (IABs) gain unauthorized access to the system then sell this access to other malicious actors. Based on a large sample of IAB posts on the Russian-language hacking forum Exploit.in (Exploit), IABs increasingly target entities within NATO member states, with research revealing recent activity in 21 of 31 countries. Additionally, access to organizations […]