Your organization’s leadership is 12 times more likely to be the target of a security incident and nine times more likely to be the target of a data breach than they were last year. Find out how they can be protected.
Read the Datasheet
Gift Cardsharks: The Massive Threat Campaigns Circling Beneath the Surface
Learn about the attack group primarily targeting gift card retailers and the monetization techniques they use.
Get the Report
Threat Hunting Workshop Series
Join one of our security threat hunting workshops to get hands-on experience investigating and remediating threats.
Attend an Upcoming Workshop
Inside Magecart: New RiskIQ & Flashpoint Research Report
Learn about the groups and criminal underworld behind the front-page breaches.
Threat Hunting Guide: 3 Must-Haves for the Effective Modern Threat Hunter
The threat hunting landscape is constantly evolving. Learn the techniques, tactics, and tools needed to become a highly-effective threat hunter.
What’s in an internet minute? According to data from RiskIQ and threat researchers around the world, a lot of evil.
As cyber crime grows in frequency, complexity, and consequence, new digital strategies and initiatives employed by legitimate businesses to advance markets and propel themselves ahead of competitors are being used against them. Today, an organization’s digital assets are subject to malware, malvertising, and phishing efforts on a scale never before seen, while rogue apps, domain and brand infringement, and social impersonation cause business disruption and material loss.
Every day, RiskIQ sees these threat actors and groups scaling up to amass enormous amounts of cheap, ever-evolving infrastructure to overwhelm defenses via large-scale attacks. Last year alone, cyber threat actors cost the global economy $454 billion—or $854,164 each minute. To determine what other nefarious activity takes place on the internet in about the time it takes to make a piece of toast, we crunched some data, and the results aren’t pretty.
In a single “evil internet minute’ businesses spend $142,694 to defend themselves against external cyber threats, but despite their efforts, 1,080 people are victimized. Additionally, as cyber criminals continue to find success deploying tactics from 818 pieces of unique malware, they’ll perform 1,214 ransomware attacks and send more than 100,000 phishing emails. RiskIQ’s research also uncovered additional malicious activity each minute, ranging from blacklisted mobile apps (.3 per minute), malvertising (145 new malicious ads per minute), and phishing (100 new phishing pages per minute).
According to the 2017 Verizon Data Breach and Incident Report, more than 75% of the incidents that lead to data breaches originate externally, almost half of which target unknown—and thus unmanaged—digital assets. This new reality means organizations require new strategies and solutions to combat the mounting number of external threats that target businesses.
Click below to see RiskIQ’s entire “Evil Internet Minute” infographic and find out what your organization is up against:
What’s in an “evil internet minute?” Click above to get the infographic
RiskIQ is the leader in attack surface management. We help organizations discover, understand, and mitigate exposures across all digital channels.
Cybersecurity company @RiskIQ has identified at least 400 domains tied to the @Twitter scam.
@CoinDesk's @BradyDale and @benjaminopowers report:
“(...) RiskIQ has been able to track much more of the bad guy’s infrastructure used in their scam operations. We’ve identified around 400 domains so far that are all tied to these scams.” - @ydklijnsma
WHAT JUST HAPPENED? Security pros offered a range of opinions about the breach. All agreed the fault did not lie with each hacked account's owner. Some say it may have come from inside @Twitter.
@BradyDale and @benjaminopowers report
Targeted #cyberthreats are spiking during #COVID19. We provide one source for information to simplify and accelerate your investigation process #ThreatHunting https://bit.ly/3c9xKoq
RiskIQ researchers just doubled the number of IoCs in the Pastebin. Please continue to monitor it for updates as this situation evolves https://pastebin.com/h64CK3CG #twitterhack #twitterhacks #ThreatIntel #IOCs
Just in case my last tweet got lost in the thread storm, @RiskIQ's list of domains apparently tied to this scam gives us a pretty good idea of who was targeted here. https://pastebin.com/h64CK3CG
This is developing very quickly, but seems to have been staged well in advance. Take a look at some these domains set up to support this scam. H/T @RiskIQ https://twitter.com/ydklijnsma/status/1283508384335925248
Leveraging @RiskIQ's datasets we have identified more infrastructure tied to the current cryptocurrency scammers impacting @elonmusk , @billgates, etc. This is research data, validate before taking action, it might identify new targets also.