Executive Summary
In 2024, Insikt Group significantly expanded its tracking of malicious infrastructure by covering more malware families and categories, additional infrastructure types such as staging servers, and integrating data sources like Recorded Future Network Intelligence, enhancing

Category: Recorded Future

How Security Leaders Defend Their First- and Third-Party Attack Surfaces
Modern attack surfaces extend across every place your business operates, from your first-party technology assets to your third-party network of suppliers and vendors. To spot risks before attackers do, you need to maintain continuous visibility across

Trimble Cityworks: CVE-2025-0994
What is CVE-2025-0994?
CVE-2025-0994 is a high-severity deserialization vulnerability in Trimble Cityworks, an asset management and work order software designed for local governments and utilities. The critical infrastructure sectors Cityworks services include water and wastewater systems, energy,

6 Threat Intelligence Outlooks and Strategies for 2025
As threat actors continually adopt new tactics, using everything from generative AI to popular SaaS applications to e-skimmer kits, CISOs and their teams need the latest and most in-depth threat intelligence to stay one step ahead.

Munich Security Conference
Overview
This document provides an overview of Recorded Future's Insikt Group intelligence reporting and analysis published during the 2025 Munich Security Conference. Links to the full reports are included. This briefing is personal and confidential, not for

Inside the Scam: North Korea’s IT Worker Threat
Executive Summary
In an era in which remote work has become the norm, North Korea has seized the opportunity to manipulate hiring processes, using fraudulent information technology (IT) employment to generate revenue for the regime. North Korean

Working in Singapore at the World’s Largest Intelligence Company
Did you know? Recorded Future operates out of seven offices worldwide. Besides our US locations, we have offices in London, Gothenburg, Dubai, Tokyo, and Singapore. With over 42 nationalities and at least as many spoken languages,

TAG-124’s Multi-Layered TDS Infrastructure and Extensive User Base
Analysis cut-off date: January 7, 2025
Executive Summary
Insikt Group has identified multi-layered infrastructure linked to a traffic distribution system (TDS) tracked by Recorded Future as TAG-124, which overlaps with threat activity clusters known as LandUpdate808, 404TDS, KongTuke,

“Crazy Evil” Cryptoscam Gang: Unmasking a Global Threat in 2024
"Crazy Evil" Cryptoscam Gang
Since 2021, the "Crazy Evil" cryptoscam gang has escalated into one of the most prolific cybercriminal groups targeting digital assets. Specializing in identity fraud, cryptocurrency theft, and information-stealing malware, Crazy Evil employs a

Cleo MFT: CVE-2024-50623
What is CVE-2024-50623?
CVE-2024-50623 is a critical unrestricted file upload and download vulnerability that could lead to remote code execution (RCE).
What are the affected products?
The vulnerability affects Cleo's managed file transfer (MFT) products Harmony, VLTrader, and LexiCom