Pulling the Thread: Pivoting on DPRK IT Worker Infrastructure
A simple naming pattern search on DPRK-linked infrastructure — and one domain that kept giving.
How a suspicious filename led to 88 phishing domains, a shared hosting cluster, and an operator who probably should have used a different email address.
War is reshaping Iran’s cyber operations. IRGC fragmentation, a near-total internet shutdown, and the loss of senior commanders are creating compounded uncer...
Cybercriminals and nation-state actors are converging on the same TTPs—not because they collaborate, but because efficiency is universal. They’re all playing...