Searchlight Security

Latest Blog Posts

Keep up to date with all things Searchlight Security, as well as all the latest news from the dark web
Searchlight Security Cyber Essentials Accreditation Searchlight Security ISO 27001 Accreditation Searchlight Security Cyber Essentials Accreditation
How Can You Stop Executive Threats With Dark Web Intelligence?

28 September 2022

Blog

On the dark web, what you don't know can hurt you. Executives’ personal information can often be found on dark web forums, on paste bins, or dox sites without them knowing about it. In this blog, Robert Fitzsimons looks at the challenge of executive threats and how they can be identified using dark web intelligence.

Read More
How Can You Spot an Insider Threat With Dark Web Intelligence?

21 September 2022

Blog

For National Insider Threat Awareness Month, Luke Walker - Senior Threat Intelligence Analyst at Searchlight Security - provides a Q&A on what insider threat is, why it's increasing, and how dark web intelligence can be used to combat it.

Read More
Nato Tackles Military Documents For Sale on the Dark Web

14 September 2022

Blog

In the past few weeks Nato has had to investigate two instances of sensitive military documents circulating on the dark web. Our latest blog looks at what we can learn from these cases.

Read More
Yes, Company Credentials on the Dark Web Are a Problem

31 August 2022

Blog

Is MFA enough to render the emails and passwords leaked on the dark web redundant? In short, no. Our latest blog looks at recent MFA bypass attacks that prove credentials on the dark web can't be ignored.

Read More
The Value of Dark Web Intelligence for MSSPs

25 August 2022

Blog

We know from our MSSP partners that their customers are increasingly asking them for insight into the dark web. Our latest blog looks at how MSSPs can integrate dark web intelligence into their existing offerings to increase the efficiency and value of their own services, while addressing their customers’ understandable anxieties around cybercriminal activity on the dark web.

Read More
LAPSUS$ and DarkSide: How Threat Groups Communicate on the Dark Web

18 August 2022

Blog

It sounds strange, but sometimes threat groups in the dark web want to be seen. In our latest blog, Louise Ferrett, Threat Intelligence Analyst, looks at LAPSUS$ and DarkSide's historic dark web presence to show what you can learn from a threat group's comms strategy.

Read More
Unpicking the Truth Behind LockBit's Latest Exploits in Italy

03 August 2022

Blog

This week, LockBit released data that it claimed belonged to the Italian Revenue Agency. This turned out to be false. In this blog Threat Intelligence Analyst, Louise Ferrett uses dark web intelligence to answer some of the questions around this complicated case of mistaken victim identity including: who the real victim was, why two ransomware gangs appear to be advertising the same data, and why LockBit misattributed the ransom.

Read More
Where Does Dark Web Intelligence Fit in The MITRE ATT&CK Framework?

27 July 2022

Blog

In our latest blog Robert Fitzsimons explains dark web intelligence's role in combatting cybercriminal's Reconnaissance (TA0043) and Resource Development (TA0042) tactics, as defined in the pre-attack stage of the MITRE ATT&CK framework.

Read More
Top Tips: Five Things Tech Applicants Should Look for When Interviewing

20 July 2022

Blog

Tech roles are in high demand, but how can applicants work out which company offers the best career opportunity for them? Our Talent Manager Joe Honey gives his top five tips of what candidates should be thinking about as they go through any company's application process.
Read More
Fighting for Child Protection on the Dark Web

14 July 2022

Blog

Criminal activity accounts for the majority of search traffic on Tor and one of the biggest challenges for law enforcement is how to tackle criminals that are operating anonymously on the dark web. Our latest blog looks at how dark web intelligence can change that status quo.
Read More
Cybercriminals Targeting Financial Institutions from the Dark Web

04 July 2022

Blog

Financial institutions typically have a large dark web footprint. This blog examines evidence of cyberattacks directly targeting financial services companies that can be found in the dark web including leaked employee credentials, vulnerabilities for sale in marketplaces, and dark web traffic.
Read More
Financial Crimes on the Dark Web

28 June 2022

Blog

This blog - the first in a two-part series on securing financial services from dark web threats - examines financial crimes that target consumers and how they could be prevented by financial services companies with dark web intelligence.
Read More
Shifting Security Left in the Cyber Kill Chain

24 June 2022

Blog

The earlier you can identify a threat actor in the Cyber Kill Chain, the more likely you are to prevent an attack. This blog looks at how dark web intelligence can help identify cybercriminal activity in stage one: Reconnaissance.

Read More
Three Times Supply Chain Compromise Was Visible on the Dark Web

14 June 2022

Blog

Dark web intelligence can inform supply chain compromise prevention by identifying when and how a businesses’ third parties are being targeted. An examination of dark web activity at the time of the Maersk, Kronos and Kaseya attacks demonstrates the tell-tale signs that threat actors were targeting these supply chains.

Read More
Verizon DBIR 2022: Combating Criminal Efficiency

26 May 2022

Blog

Verizon has released its annual Data Breach Investigations Report, which outlines the continued rise of ransomware, supply chain attacks, and the most common routes into an organization. This blog looks at how early warning signs on the deep and dark web could combat this increasing criminal efficiency.
Read More
Conti Attack on Costa Rica: Who is UNC1756?

18 May 2022

Blog

Since mid-April, multiple agencies of Costa Rica's government have endured an onslaught of threat activity claimed by infamous ransomware gang Conti. Searchlight's threat intelligence team investigates what makes this attack unique, and who could be the driving force behind it.
Read More
Clear, Deep, and Dark Web: Beyond the Iceberg

26 April 2022

Blog

In cybersecurity discourse, phrases such as clear, deep, and dark web are often used in various contexts to mean different things. We’ve prepared a quick guide on the differences between these parts of the internet, how they're leveraged by cybercriminals, and busting some common misconceptions.
Read More
How Tor Works

26 April 2022

Blog

We all know Tor as the go-to tool for online anonymity, but how does it work? This blog explains, as well as covering its primary use-case demographics.
Read More
Hydra's Collapse Forces Cybercriminals to Regroup

14 April 2022

Blog

Hydra, the world's largest and longest-serving dark web market, was forced offline last week following the seizure of its server infrastructure in Germany. Searchlight's analyst team observed where cybercriminals are flocking to after the takedown, and what they plan to do next.
Read More
LAPSUS$: The Next Generation of Financial Threat Actors?

23 March 2022

Blog

LAPSUS$ has been making waves in the data extortion scene, becoming increasingly ambitious and outspoken with each attack. Searchlight explored the group's origins, tactics, and controversies in order to better understand its position in the current threat landscape.
Read More