The Recorded Future Blog

The Recorded Future Blog is one of the most insightful sources of cyber threat intelligence on the net today. Analysis posted in the blog is backed up by exerienced cyber threat analysts and one of the largest collections of open source web intelligence ever assembled. Analysis is aided by advanced correlation and visualization tools and presented succinctly in ways any researcher can understand. 

Check out this highly regarded source at


More On Recorded Future:

Recorded Future Threat Research Blog Highlights sophisticated techniques used by the Chinese state against perceived domestic threats

Recorded Future just released a report in a series which sheds light on the breadth of sophisticated techniques used by the Chinese state against perceived domestic threats. This latest report is focused on threats to the Tibetan community. It is based on a detailed analysis of the malware targeting the… Read more

Russian National Vulnerability Database Operation Raises Suspicions

The official mission of the organization in charge of maintaining Russia’s national vulnerability database gives it legitimate cover for inspecting foreign technologies and products for security vulnerabilities that can later be weaponized. That’s according to Recorded Future, which has released a report summarizing its analysis of the vulnerability disclosure practices… Read more

Hacker Exploits 2-Year Old Router Issue To Steal Sensitive US Military Data

Sensitive US military documents, including training materials for the MQ-9A Reaper drone and an operations manual for the M1 Abrams tank, were recently available for sale on the Dark Web. A single hacker with apparently moderate technical skills accessed one set of the leaked documents from the computer of a… Read more

Iran likely to retaliate with cyberattacks after nuclear deal collapse

Iran is likely to respond with cyberattacks against Western businesses in response to the Trump administration’s withdrawal from the nuclear deal, cybersecurity experts say. New research suggests attacks could come “within months, if not faster,” according to security firm Recorded Future. The research paints a detailed picture of how Iran uses… Read more

Mirai Variant Botnet Takes Aim at Financials

Insikt Group, the threat research group within Recorded Future, has found that a Mirai botnet variant was used to attack a company, or companies, in the financial sector in January. And it might not have been alone; they found that it was possibly linked to the IoTroop or Reaper botnet. Three financial companies were hit by… Read more

Attackers Shift From Adobe Flaws to Microsoft Products

Recorded Future recently analyzed code repositories, the Dark Web, underground forums, and other sources to identify the vulnerabilities that cybercriminals exploited most commonly in 2017. The exercise revealed a marked shift in attacker preference from Adobe to Microsoft product exploits: in contrast to previous years where Adobe Flash flaws dominated Recorded Future’s… Read more

Hacking Back & the Digital Wild West

The Internet is a modern day Wild West. Individuals, businesses, and governments face extraordinary challenges protecting themselves in the digital Wild West, and history has shown that law enforcement is under-resourced to tackle all but the most pressing criminal cases. What’s the answer? U.S. Congressional Representatives Tom Graves and Kyrsten Sinema are… Read more

Hackers are selling legitimate code-signing certificates to evade malware detection

New research by Recorded Future’s Insikt Group found that hackers and malicious actors are obtaining legitimate code-signing certificates from issuing authorities in order to sign malicious code. That’s contrary to the view that in most cases certificates are stolen from companies and developers and repurposed by hackers to make malware look… Read more

Threat Intelligence: The Foundation of Your Security Operations Center Strategy

Read how threat intelligence is the backbone of a successful security operations center strategy on Recorded Future : For many organizations, threat intelligence has become an essential part of their cyber strategy. With the number of incoming attacks increasing every year, most organizations’ security operations center (SOC) strategy is increasingly… Read more

How to Explain the Meteoric Rise of Threat Intelligence

Read how there has been a meteoric rise in threat intelligence on Recorded Future : For the past couple of years it seems like threat intelligence is everywhere. Every vendor offers a threat intelligence solution, every organization seems to be using it to some degree. At security conferences it feels like… Read more

Threats of Tomorrow: Using AI to Predict Malicious Infrastructure Activity

Read Staffan Truvé’s article about how artificial intelligence to predict cyber attacks on Recorded Future : The ever-increasing scale and complexity of cyber threats is bringing us to a point where human threat analysts are approaching the limit of what they can handle. We believe the next-generation of cyber threats… Read more

Anticipating Black Friday Threat Trends

Black Friday sales and deals now extend to Cyber Monday; as a result, attacks can be seen for the whole weekend or even the whole holiday season. Akamai reports the Black Friday to Cyber Monday weekend is becoming as popular and important for retailers and e-commerce sites in Europe as… Read more

Inside the Mind of Cyber Criminals

To learn more about how cyber criminals operate in the dark web, we asked our own Andrei Barysevich a few questions. Below is what he had to say. You have spent a great deal of time studying actual cyber crime activity, forums, and behavior in recent months. What are some of… Read more

What Am I Supposed to Do With This Threat Intelligence?

A business associate (responsible for enterprise defense) recently recounted being handed a vendor report that detailed a threat actor’s name, pictures, location, and responsibility for attacks unrelated to my associate’s organization. My associate responded, “What am I supposed to do with is? Call Liam Neeson?” Read about the actual use… Read more

Past, present and future of threat intelligence

In this podcast recorded at RSA Conference 2016, John Czupak and Ryan Trost, CEO and CTO of ThreatQuotient respectively, clarify the meaning of threat intelligence and actionable intelligence. Read/hear the podcast by John Czupak and Ryan Trost about threat intelligence on Help Net Security. Read more

3 Signs Your Information Security Team Needs Threat Intelligence

Be honest, sometimes you aren’t sure. Your information security team seems to be getting on with things. They fix vulnerabilities, brief your staff, and implement security procedures. But how can you be sure they’re doing everything possible to protect your organization? Well, the best thing you can do is to ensure they… Read more

3 Information Security Trends for 2016

Threat intelligence truly took center stage in 2015. While there is an element of trendiness to the term, the need for more accurate, timely, and actionable information about threats to enterprises, individuals, and even nation-states has never been more important. Certainly the people reading this post are most involved with… Read more

Using Recorded Future To Find Indications Of Your Enterprise Credentials On The Web

Our sister site just published a piece titled: Recorded Future Provides Awareness Into Issue of Government Credentials On The Open Web: Recorded Future provides real time threat intelligence to cyber defenders as well as business executives seeking insights to inform decisions. They leverage a patented Web Intelligence Engine over with… Read more

Threat intelligence is the judo move needed to take down hackers (by @cahlberg of @recordedfuture)

Christopher Ahlberg of Recorded Future just published an opinion piece on the Christian Science Monitor’s Passcode site titled Threat Intelligence is the judo move needed to take down hackers. Excerpt: That’s the value of cyberthreat intelligence. Equipped with an information advantage we’re able to outsmart the opponent. At the highest… Read more

Lessons Learned: Are you one of the Fortune 500’s Unfortunate 221?

The Recorded Future Special Intelligence Desk has just released a new Threat Intelligence Report we found to be full of important context and actionable information for enterprise cyber defenders. The report, titled The Fortune 500’s Unfortunate 221, is available for download here. This report is important for two key reasons: It shows a… Read more