Generated by All in One SEO v4.9.7.2, this is an llms.txt file, used by LLMs to index the site. # Searchlight Cyber We defend organizations. Criminals using the dark web think you can’t see them. With Searchlight Cyber, you can. ## Sitemaps - [XML Sitemap](https://slcyber.io/sitemap.xml): Contains all public & indexable URLs for this website. ## Posts - [Blog](https://slcyber.io/blog/) - Explore insights on dark web intelligence, Attack Surface Management, and threat intelligence. Stay informed on emerging threats, trends, and cyber risk. - [How Attack Surface Management Tools Stop Cybersecurity Breaches Before They Happen](https://slcyber.io/blog/how-attack-surface-management-tools-stop-cybersecurity-breaches-before-they-happen/) - Stop cyber breaches before they happen. Discover how Attack Surface Management (ASM) tools continuously monitor your digital footprint to fix hidden vulnerabilities. - [Attack Surface Management Tools in 2026: Essential Market Trends for Security Leaders](https://slcyber.io/blog/attack-surface-management-tools-in-2026-essential-market-trends-for-security-leaders/) - Explore the top attack surface management tools trends shaping cybersecurity in 2026, including AI-driven threat detection, continuous monitoring, ransomware defense, and external risk visibility. - [How Does Attack Surface Management Work? Everything You Need to Know](https://slcyber.io/blog/how-does-attack-surface-management-work-everything-you-need-to-know/) - Attack surface management solutions now offer advanced capabilities like hourly scanning that detect threats as they emerge. This blog explores what attack surface management is, how attack surface monitoring works in practice, and what features matter most when you evaluate attack surface management tools. - [May 20th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/may-20th-this-weeks-top-cybersecurity-and-dark-web-stories/) - This week’s cybersecurity and dark web news stories discuss the INTERPOL led Operation Ramz leads to 201 arrests, Gentleman ransomware suffers data breach, and Shai-Hulud goes open source. - [Close the 24-hour Security Gap with Continuous Vulnerability Scanning](https://slcyber.io/blog/close-the-24-hour-security-gap-with-continuous-vulnerability-scanning/) - In this blog we explore why daily vulnerability scanning of digital assets isn't enough to keep businesses safe from vulnerabilities and threats. - [May 12th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/may-12th-this-weeks-top-cybersecurity-and-dark-web-stories/) - This week’s cybersecurity and dark web news stories discuss RansomHouse hack on cybersecurity firm, the hackers caught using AI to find and exploit vulnerabilities, and Checkmarx plugin compromise. - [Shadow Exposure: Why Your Most Trusted Software Could Pose Your Biggest Threat](https://slcyber.io/blog/shadow-exposure-why-your-most-trusted-software-could-pose-your-biggest-threat/) - Your trusted third-party software may hide critical security risks: that’s Shadow Exposure. Discover how Attack Surface Management closes these open doors. - [What Are the Four Ways CTEM Fails Without ASM?](https://slcyber.io/blog/what-are-the-four-ways-ctem-fails-without-asm/) - Learn the four critical ways CTEM fails without attack surface management and why ASM is essential for reducing hidden risks and strengthening cyber defense. - [How Do You Build An Attack Surface Management Program?](https://slcyber.io/blog/how-do-you-measure-an-attack-surface-management-program/) - Learn how to build an effective Attack Surface Management program that identifies, monitors, and mitigates external risks before they turn into threats - [Your Complete Guide to Continuous Threat Exposure Management](https://slcyber.io/blog/complete-guide-to-continuous-threat-exposure-management/) - Learn what Continuous Threat Exposure Management (CTEM) is, why it's essential today, and how it helps organizations stay ahead of evolving cyber threats. - [How to Choose the Right ASM Solution](https://slcyber.io/blog/attack-surface-management-tools-choosing-the-right-solution/) - Learn how to select the best attack surface management tools. Compare features, benefits, and strategies to protect your business from hidden cyber risks. - [May 4th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/may-4th-this-weeks-top-cybersecurity-and-dark-web-stories/) - This week’s cybersecurity and dark web news stories discuss ShinyHunters claiming responsiblity for data breach, critical cPanel vulnerability identified, and Akira ransomware being responsible for nearly 50% of cyber insurance claims. - [Additional tooling added to the Stealth Browser](https://slcyber.io/blog/new-third-party-tooling-added-to-the-stealth-browser/) - Users can now benefit from built-in third-party tooling, intuitive browser extensions, and optimized performance to support even more investigation use cases. Contact sales - [Preempt phishing attacks with new changelog, to see how threats evolve](https://slcyber.io/blog/preempt-phishing-attacks-with-new-changelog-to-see-how-threats-evolve/) - With the new 'Previous Changes' button, security teams can more easily track and identify spoofing pages before they are fully weaponized. Contact sales - [CTEM Starts With The Map: Asset Visibility First](https://slcyber.io/blog/ctem-starts-with-the-map-asset-visibility-first/) - Effective CTEM begins with asset visibility. Learn why mapping your digital footprint first is key to reducing blind spots and strengthening cyber resilience. - [Ten Questions to Ask Before Buying an ASM Solution](https://slcyber.io/blog/ten-questions-to-ask-before-buying-an-asm-solution/) - To cut through the noise when choosing an ASM tool here are ten key considerations that'll help you evaluate platforms and select the right fit. - [MGM and Caesar Casino Hacks Explained](https://slcyber.io/mgm-and-caesar-casino-hacks-explained/) - In this blog we unpick the complex story of the MGM Resorts and Caesars ransomware attacks to explain the role of the Scattered Spider and BlackCat/APLHV gangs. - [Why Do Most Ransomware Defenses Start Too Late?](https://slcyber.io/blog/why-do-most-ransomware-defenses-start-too-late/) - By the time ransomware is detected, damage is done. See how shifting left and reducing exposure can prevent attacks earlier. Read to learn more! - [The True Cost of a Ransomware Attack in 2026](https://slcyber.io/blog/the-true-cost-of-a-ransomware-attack-in-2026/) - Uncover the real cost of ransomware attack in 2026 and how preemptive security can help reduce long-term business losses . Read to learn More! - [Vulnerability Management: How to Prioritize Real Threats Over Noise](https://slcyber.io/blog/vulnerability-management-how-to-prioritize-real-threats-over-noise/) - Cut through alert fatigue in vulnerability management. Learn how to prioritize exploitable, high-risk threats using context, exposure, and real-world intelligence. - [You Don't Have to Be Attacked to Be a Ransomware Victim](https://slcyber.io/blog/you-dont-have-to-be-attacked-to-be-a-ransomware-victim/) - You don’t need to be directly hacked to suffer ransomware damage. Discover how indirect exposure and supply chain risks put organizations at risk. - [Where Does Cyber Risk Come From Within an Organization?](https://slcyber.io/blog/where-does-cyber-risk-come-from-within-an-organization/) - Where does cyber risk come from? Read our blog to find out as well as learn how vulnerabilities can be identified before cybercriminals spot them. - [New CVE Threat Intelligence tab added to Assetnote’s exposure details page](https://slcyber.io/blog/cve-threat-intelligence-comes-to-assetnotes-exposure-details-page/) - CVE threat intelligence context, exploitation data, and history all embedded into Searchlight's ASM to support analysts with faster response. Contact sales - [April 28th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/april-28th-this-weeks-top-cybersecurity-and-dark-web-stories/) - This week’s cybersecurity and dark web news stories discuss French government data breach, North Korean hackers targeting Web3 with new attack chain, and M3RX's sudden spike in ransomware activity. - [What Claude Mythos Means for Security Leaders](https://slcyber.io/blog/what-claude-mythos-means-for-security-leaders/) - Mythos shows that AI is good at finding vulnerabilities. But organizations still need to fix the threats that actually matter before attackers can reach them. - [What is Preemptive Threat Exposure Management (PTEM)?](https://slcyber.io/blog/what-is-preemptive-threat-exposure-management-ptem/) - PTEM unifies Attack Surface Management with insight into real attacker activity to fix the exposures attackers are most likely to exploit, before they can act. - [Critical National Infrastructure in the Firing Line](https://slcyber.io/critical-national-infrastructure-in-the-firing-line/) - A spate of cyberattacks against critical national infrastructure brings the existential threat into stark reality. - [Full Unconditional Pardon Given to Silk Road Founder](https://slcyber.io/blog/full-unconditional-pardon-given-to-silk-road-founder/) - Silk Road founder receives full unconditional pardon, sparking debate across legal and cybersecurity communities. Learn more about this controversial decision. - [Nato Tackles Military Documents For Sale on the Dark Web](https://slcyber.io/nato-tackles-military-documents-for-sale-on-the-dark-web/) - In the past few weeks Nato has had to investigate two instances of sensitive military documents circulating on the dark web. - [Using Dark Web Intelligence Against Ransomware Groups](https://slcyber.io/dark-web-intelligence-against-ransomware/) - Our Director of Product looks at the ransomware landscape and how dark web intelligence can help security teams to combat this evolving threat. - [BidenCash Marketplace Seized by U.S. Law Enforcement](https://slcyber.io/blog/bidencash-marketplace-seized-by-u-s-law-enforcement/) - The notorious BidenCash marketplace was seized this week by U.S. law enforcement, in an operation supported by Searchlight Cyber - [Researchers Shed Light on Changes in Revived Babuk 2.0](https://slcyber.io/blog/researchers-shed-light-on-changes-in-revived-babuk-2-0/) - Researchers reveal critical updates in revived Babuk 2.0 ransomware, highlighting new tactics and code changes. Get insights into this evolving threat. - [MSSP Research: Are You One of the 50% Not Using Dark Web Intelligence Yet?](https://slcyber.io/mssp-research-are-you-one-of-the-50-not-using-dark-web-intelligence-yet/) - Searchlight Cyber research reveals more than half of MSSPs are using dark web monitoring to protect customers and unlock new revenue streams. - [Five Things to Look for in Dark Web Protection Tools](https://slcyber.io/five-things-to-look-for-in-dark-web-protection-tools/) - In this blog we discuss the top five things to look for in a dark web protection tool. - [Scattered Spider Shifts Focus to Insurance Industry](https://slcyber.io/blog/scattered-spider-shifts-focus-to-insurance-industry/) - Dive into this blog to learn more about the industry now facing threats from Scattered Spider - [Attacks Against ATMs: Intelligence from the Dark Web](https://slcyber.io/attacks-against-atms-intelligence-from-the-dark-web/) - Explore how cybercriminals use skimmers, malware, and insider tactics to target ATMs based on real intelligence from dark web forums and underground markets. - [Dutch Police Dismantle “Bulletproof” Hosting Provider](https://slcyber.io/blog/dutch-police-dismantle-bulletproof-hosting-provider/) - Dutch police dismantle bulletproof hosting provider used by cybercriminals to evade detection. Learn more about the takedown and its global implications. - [Three Key Takeaways From Our Webinar: Ransomware in 2023](https://slcyber.io/3-things-i-learned-from-ransomware-trends-on-the-dark-web-webinar/) - Thoughts from Searchlight’s Alex Blackman, inspired by the Searchlight cyber webinar - RANSOMWARE IN 2023: DARK WEB TRENDS & INSIGHTS. - [BlackLock Ransomware Exposed and DragonForce Makes Moves](https://slcyber.io/blog/blacklock-ransomware-exposed-and-dragonforce-makes-moves/) - Last week threat hunters successfully infiltrated the online infrastructure associated with BlackLock Ransomware, uncovering crucial information. - [What Is CTI? The Essential Guide to Cyber Threat Intelligence in 2026](https://slcyber.io/blog/what-is-cti-the-essential-guide-to-cyber-threat-intelligence-in-2026/) - This blog covers everything you need to know about cyber threat intelligence. Learn how CTI platforms change raw data into insights and discover frameworks that structure threat analysis. - [April 21st – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/april-21st-this-weeks-top-cybersecurity-and-dark-web-stories/) - This week’s cybersecurity and dark web news stories discuss the Vercel data breach, Indonesian authorities phishing network Take Down, and the ransomware groups in conflict. - [The Intelligence Hidden in Ransomware Data](https://slcyber.io/blog/the-intelligence-hidden-in-ransomware-data/) - In this blog, we discuss how the intelligence hidden in ransomware leak sites gives organizations the information they need to secure and protect their assets. - [Explore the Data Breach Dashboard in Cerberus](https://slcyber.io/blog/explore-the-data-breach-dashboard-in-cerberus/) - Find any forum breach across clear, deep, and dark web sources in a single dashboard. Contact sales - [Faster speed to triage with improved detail view in DarkIQ](https://slcyber.io/blog/faster-speed-to-triage-with-improved-detail-view-in-darkiq/) - New visibility into event vs detection dates, unified action views, and streamlined investigation panels with full action metadata. Contact sales - [April 14th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/april-15th-this-weeks-top-cybersecurity-and-dark-web-stories/) - This week’s cybersecurity and dark web news stories discuss MITRE releasing a shared fraud-cyber framework, an Iranian-affiliated threat actors exploiting PLCs across the US, and $12m frozen in NCA-led Operation Atlantic. - [What I Learned About the Future of MSSPs on Our Latest Webinar](https://slcyber.io/what-i-learned-about-the-future-of-mssps-on-our-latest-webinar/) - Two-thirds of customers are asking providers for dark web intelligence, but why? This blog provides simple ways for MSSPs to articulate this value to customers. - [Dark Web Threats to the Energy Industry: Five Key Takeaways From Our Latest Webinar](https://slcyber.io/dark-web-threats-to-the-energy-industry-five-key-takeaways-from-our-latest-webinar/) - We recap how energy industry companies can identify threats, create threat models, and protect themselves from cyberattacks with dark web intelligence - [How Law Enforcement Can Combat Crime on the Dark Web](https://slcyber.io/how-law-enforcement-can-combat-crime-on-the-dark-web/) - On our recent webinar we explained why criminals couldn't be more wrong in the idea that law enforcement can't reach them on the dark web - [Dark Web Cheat Sheet for the Finance Sector](https://slcyber.io/dark-web-cheat-sheet-for-the-finance-sector/) - Everything finance companies need to know about the dark web, including: how it works, how threat actors target finance companies, and defense strategies. - [The finance sector’s top 3 dark web threats: Webinar recap](https://slcyber.io/the-finance-sectors-top-3-dark-web-threats/) - Our experts recently explored the top dark web threats facing the finance sector: initial access brokers, insider threats, and supply chain risks. Catch the highlights if you missed it. - [The Ultimate Dark Web Cheat Sheet for Business](https://slcyber.io/the-ultimate-dark-web-cheat-sheet-for-business/) - Everything you've been too afraid to ask about the dark web, including how to defend your business and communicate the importance of dark web intelligence to senior executives. - [How Dark Web Data is Helping SOC Teams Spot Threats Earlier](https://slcyber.io/how-dark-web-data-is-helping-soc-teams-spot-threats-earlier/) - Our recent webinar covered challenges facing SOC teams and how dark web intelligence can help them to identify threats earlier. Here are five actionable takeaways from this session. - [Significant enhancements to AI Research Assistant models](https://slcyber.io/blog/significant-enhancements-to-ai-research-assistant-models/) - The new security research model can retrieve and analyze relevant information more efficiently, synthesizing insights to provide greater context Contact sales - [Introducing the Initial Access Broker (IAB) Dashboard](https://slcyber.io/blog/introducing-the-initial-access-broker-iab-dashboard/) - The new IAB dashboard helps teams detect pre-attack indicators more efficiently, enabling faster identification of unauthorized network access to you or a partner – before it can be sold and exploited. Contact sales - [Get to know the Ransomware File Explorer](https://slcyber.io/blog/get-to-know-the-ransomware-file-explorer/) - Detect when your files are exposed in undisclosed ransomware attacks. This feature lets you search and set alerts for keywords found in the file names within unpacked file trees. Contact sales - [Enriched Actor Profiles in Cerberus](https://slcyber.io/blog/enriched-actor-profiles/) - Actor Profiles in Cerberus are now enriched with temporal data and clear visualizations, making it faster for investigators to gather intelligence and de-anonymize actor aliases. Contact sales - [Cerberus optimized for enterprise investigation teams](https://slcyber.io/blog/cerberus-optimized-for-enterprise-investigation-teams/) - The new enterprise-optimized version of our investigation platform, Cerberus, enables enterprise and MSSP security teams to investigate threats to their organization more efficiently. Contact sales - [Updated DarkIQ API: Full programmatic control over all data and functionality](https://slcyber.io/blog/updated-darkiq-api-full-programmatic-control-over-all-data-and-functionality/) - DarkIQ’s API provides programmatic access to all platform capabilities – from ingestion through alert triage – including new support for tracking changes to discovered phishing domains. Contact sales - [New DarkIQ workflow filtering and export enhancements](https://slcyber.io/blog/new-darkiq-workflow-filtering-and-export-enhancements/) - Advanced email domain filtering and background export options to help security teams cut through the noise and accelerate threat investigations. Contact sales - [Introducing Hyoketsu: An open-source tool for security researchers](https://slcyber.io/blog/introducing-hyoketsu/) - Drastically reduce the time and effort required for reverse engineering and security auditing of large enterprise applications. Contact sales - [How Can Organizations Secure Their Digital Attack Surface?](https://slcyber.io/blog/how-can-organizations-secure-their-digital-attack-surface/) - Learn how to secure your digital attack surface. Discover strategies to reduce risks, strengthen defenses, and protect against evolving cyber threats. - [A New Era of Attack Surface Management Roles in Cybersecurity](https://slcyber.io/blog/a-new-era-of-attack-surface-management-roles-in-cybersecurity/) - The demand for Attack Surface Management experts is rising. Learn how ASM roles are shaping cybersecurity careers and why organizations need them. - [Why Proactive Attack Surface Management is Now Essential](https://slcyber.io/blog/why-proactive-attack-surface-management-is-now-essential/) - Learn why proactive attack surface management is vital for reducing risks, strengthening cybersecurity, and staying ahead of evolving digital threats. - ['Supergroups' to Shadow Exposure: Insights from Ransomware's Record Year](https://slcyber.io/blog/supergroups-to-shadow-exposure-insights-from-ransomwares-record-year/) - Explore ransomware’s record year, highlighting the rise of supergroups, increased shadow exposure, and evolving tactics shaping today’s threat landscape. - [How to Stop Ransomware Attacks Before They Happen](https://slcyber.io/blog/how-to-stop-ransomware-attacks-before-they-happen/) - In this blog Luke Donovan, Head of Threat Intelligence discusses why ransomware defense starts by closing critical gaps long before an attack is launched. - [Stealer Logs and Telegram: How Cybercriminals Industrialize Data Theft – And What Defenders Must Monitor](https://slcyber.io/blog/stealer-logs-and-telegram-how-cybercriminals-industrialize-data-theft-and-what-defenders-must-monitor/) - In the space of a few years, Telegram has gone from a convenient messaging app to a core piece of infrastructure in the cybercrime economy. - [April 7th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/april-7th-this-weeks-top-cybersecurity-and-dark-web-stories/) - This week’s cybersecurity and dark web news stories discuss the Axios NPM Package targeted in supply chain attack, Storm-1175 exploiting fast moving zero-days, and REvil ransomware leader unmasking. - [The 2026 ‘Forum Wars’: Deconstructing the BreachForums Drama](https://slcyber.io/blog/the-2026-forum-wars-deconstructing-the-breachforums-drama/) - Over several years of tracking the dark web threat landscape, we’ve consistently seen threat actors changing identities or “rebranding” their operations in an attempt to evade investigation and law enforcement attention. But what about when the inverse occurs? - [March 30th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/march-30th-this-weeks-top-cybersecurity-and-dark-web-stories/) - This week’s cybersecurity and dark web news stories discuss the LiteLLM and Telnyx compromise, Pay2Key re-emergence, and the Dutch Treasury banking portal taken offline after breach. - [How Continuous Threat Exposure Management is Evolving in 2026](https://slcyber.io/blog/how-continuous-threat-exposure-management-is-evolving-in-2026/) - In this blog we discuss how threat and vulnerability management has evolved and how Continuous Threat Exposure Management can help teams break out of the patch, respond, repeat loop to preempt cyberattacks. - [The Warning Signs Were There: How Credential Leaks and Dark Web Activity Foreshadowed the Stryker Breach](https://slcyber.io/blog/the-warning-signs-were-there-how-credential-leaks-and-dark-web-activity-foreshadowed-the-stryker-breach/) - Could this state-aligned attack have been foreseen and possibly prevented? Analyzing the attacker activity that preceded the Stryker breach - [Shifting Security Left in the Cyber Kill Chain](https://slcyber.io/shifting-left-in-the-cyber-kill-chain/) - Learn how shifting security left in the Cyber Kill Chain helps detect threats earlier using dark web intelligence, enabling organizations to prevent attacks before they begin. - [How Modern ASM Uncovers Hidden Risks in Real Time](https://slcyber.io/blog/how-modern-asm-uncovers-hidden-risks-in-real-time/) - Discover how modern attack surface management (ASM) helps uncover hidden risks in real time, improving security visibility and reducing cyber threats - [How Ignoring the Dark Web Impacts an Organization](https://slcyber.io/blog/how-ignoring-the-dark-web-impacts-an-organization/) - By continuously monitoring the dark web, security teams can uncover early indicators of compromise and gain visibility into potential threat exposure. - [Five Steps to Building A Threat Model](https://slcyber.io/five-steps-to-building-a-threat-model/) - Threat modelling is a process by which potential threats can be identified & prioritised. Discover the 5 steps on how to build a successful threat model. - [How Financial Institutions Benefit from Real-Time Dark Web Threat Intelligence](https://slcyber.io/blog/how-financial-institutions-benefit-from-real-time-dark-web-threat-intelligence/) - Learn how real-time dark web threat intelligence helps financial institutions detect threats early, reduce fraud, and prevent cyberattacks before they happen. - [Closing the Gap: Why Attack Surface Growth Is Outpacing Your Security Team](https://slcyber.io/blog/closing-the-gap-why-attack-surface-growth-is-outpacing-your-security-team/) - In this blog we explore the exponential gap between the expansion of an organization’s attack surface and the limited capacity of its security team to keep pace. - [March 24th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/march-24th-this-weeks-top-cybersecurity-and-dark-web-stories/) - This week’s cybersecurity and dark web news stories discuss the seized domains associated with the Ministry of Iran, Crunchyroll data breach, and PureLog stealer malware targeting critical infrastructure. - [February 24th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/february-24th-this-weeks-top-cybersecurity-and-dark-web-stories/) - This week’s cybersecurity and dark web news stories discuss A Threat actor leveraging generative AI services, the 0APT bluff campaign, and the cyberattack on Deutsche Bahn. - [February 18th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/february-18th-this-weeks-top-cybersecurity-and-dark-web-stories/) - This week’s cybersecurity and dark web news stories discuss a new ransomware strain named "Reynolds" and Rhysida ransomware group using OysterLoader - [February 11th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/february-11th-this-weeks-top-cybersecurity-and-dark-web-stories/) - Read more about 0APT using fake ransomware victim data, CLOP's extortion strategy becoming less effective, and hackers targeting defence sector employees. - [March 17th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/march-17th-this-weeks-top-cybersecurity-and-dark-web-stories/) - This week’s cybersecurity and dark web news stories discuss Europol taking down SocksEscort, Iranian-backed hacktivists claiming attack on Stryker, and ShinyHunters claiming attack on BPO. - [March 11th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/march-11th-this-weeks-top-cybersecurity-and-dark-web-stories/) - This week’s cybersecurity and dark web news stories discuss LeakBase shut down, significant ShinyHunters campaign, and a powerful kit targeting iOS. - [March 4th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/march-4th-this-weeks-top-cybersecurity-and-dark-web-stories/) - This week’s cybersecurity and dark web news stories discuss the Results of project Compass, the 15 million details stolen in breach, and intelligence assessment warns of Iranian cyberattacks. - [Telegram Privacy Changes: The Beginning of a Criminal Exodus?](https://slcyber.io/telegram-privacy-changes-the-beginning-of-a-criminal-exodus/) - Discover how Telegram’s privacy policy shift and CEO arrest sparked reactions and potential criminal migration, reshaping how illicit groups may use messaging platforms. - [Five Ways You Can Spot Insider Threat Outside of Your Network](https://slcyber.io/five-ways-you-can-spot-insider-threat-outside-of-your-network/) - We mark National Insider Threat Awareness Month by providing five ways organizations can spot malicious employees operating outside of their network. - [Effective Ransomware Prevention Strategies](https://slcyber.io/blog/effective-ransomware-prevention-strategies/) - How can businesses mitigate the threat of ransomware? In this blog we discuss some key ransomware prevention strategies. - [Why Attack Surface Management is Critical to Continuous Threat Exposure Management Frameworks](https://slcyber.io/blog/why-attack-surface-management-is-critical-to-continuous-threat-exposure-management-frameworks/) - In this blog we discuss how Attack surface management provides the visibility that makes Continuous threat exposure management possible and helps security teams move from reactive vulnerability management to proactive, intelligence-driven risk reduction. - [How to Combat Brand Impersonation Attacks](https://slcyber.io/blog/how-to-combat-brand-impersonation-attacks/) - In this blog we explore brand impersonation and how this growing cybercriminal tactic can lead to financial loss and diminished brand trust. - [How to Outpace Vulnerability Exploits](https://slcyber.io/blog/how-to-outpace-vulnerability-exploits/) - Close the gap between vulnerability disclosure and remediation with real-time detection, exploit validation, and actionable threat intelligence. - [The Power Of TTP Mapping For External Cyber Risk](https://slcyber.io/blog/the-power-of-ttp-mapping-for-external-cyber-risk/) - In this blog, we discuss why getting under the skin of a threat actor and understanding their TTPs is important for managing external cyber risk. - [January 5th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/january-5th-this-weeks-top-cybersecurity-and-dark-web-stories/) - Dive into this week’s cybersecurity and dark web news stories including the UK government investigating a cyberattack, Russian threat actors observed targeting critical infrastructure, and Romania Waters cyberattack. - [January 28th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/january-28th-this-weeks-top-cybersecurity-and-dark-web-stories/) - Read more about a new AI malware framework that's been identified, Tudou Guarantee's cease of operations, and NCSC's warnings of persistent Russian-aligned hacktivists. - [January 20th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/january-20th-this-weeks-top-cybersecurity-and-dark-web-stories/) - Read more about BlackBasta's founder on the most wanted list, Microsoft disrupting a global cybercrime subscription service, and "R1Z" entering a guilty plea. - [January 14th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/january-14th-this-weeks-top-cybersecurity-and-dark-web-stories/) - Read more about Instagram's data leak, the ransomware attack on fuel and energy giant, and the compromise of Ledger crypto wallet manufacturer. - [February 4th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/february-4th-this-weeks-top-cybersecurity-and-dark-web-stories/) - Read more about RAMP forum being seized, voice-phishing being leveraged by threat actors, and the mobile phones of senior Downing Street officials being hacked. - [December 3rd - This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/december-3rd-this-weeks-top-cybersecurity-and-dark-web-stories/) - Dive into the latest dark web and cybersecurity news including the London councils hit by cyberattacks, the major escalation of an NPM supply chain attack, and the data breach on Iberia. - [New offensive security research: Remote Code Execution (RCE) vulnerability in Next.js](https://slcyber.io/blog/new-offensive-security-research-remote-code-execution-rce-vulnerability-in-next-js/) - To support customer testing and validation, we’ve added a reverse-engineered proof of concept to Assetnote. Our research team also published an open-source test, which is available on our GitHub. Contact sales - [Why is Attack Surface Management Now Worth the Cost?](https://slcyber.io/blog/why-is-attack-surface-management-now-worth-the-cost/) - Discover why investing in attack surface management pays off. Learn how it reduces risks, strengthens security, and delivers long-term value. - [Where Does Dark Web Intelligence Fit in The MITRE ATT&CK Framework?](https://slcyber.io/where-does-dark-web-intelligence-fit-in-the-mitre-attck-framework/) - Discover how dark web intelligence aligns with the MITRE ATT&CK framework to enhance threat detection, anticipate adversary behavior, and strengthen cybersecurity defenses with deeper contextual insights. - [What are Initial Access Brokers?](https://slcyber.io/what-are-initial-access-brokers/) - Get to know who Initial Access Brokers are, how they gain unauthorized access to networks, and how they sell it on dark web forums. - [10 Questions You Should Ask a Vendor Before Buying a Cyber Threat Intelligence Solution](https://slcyber.io/10-questions-you-should-ask-a-vendor-before-buying-a-cyber-threat-intelligence-solution/) - Before buying a cyber threat intelligence solution, ask these 10 essential vendor questions to validate platform capabilities, intelligence depth, and ROI. - [How Organizations Can Combat Ransomware Groups with Dark Web Monitoring](https://slcyber.io/how-organizations-can-combat-ransomware-groups-with-dark-web-monitoring/) - Discover how dark web monitoring helps in identifying compromised credentials and tracking leak sites can help your organization detect and mitigate ransomware threats. - [Three Reasons Why Traditional Attack Surface Management Now Isn't Enough](https://slcyber.io/blog/three-reasons-why-traditional-attack-surface-management-now-isnt-enough/) - Discover three reasons why traditional attack surface management isn’t enough today and learn how modern approaches better protect against evolving cyber risks. - [Identifying Insider Threats with Dark Web Monitoring](https://slcyber.io/identifying-insider-threats-with-dark-web-monitoring/) - In this blog you’ll learn all you need to know about insider threats, where they might come from, and how to mitigate the risk of rogue employees. - [The Value of Dark Web Data to Cyber Threat Intelligence Teams](https://slcyber.io/the-value-of-dark-web-data-to-cyber-threat-intelligence-teams/) - We discuss how the dark web data can unlock valuable insights for cyber threat intelligence teams, plus how you can identify any gaps in your data collections. - [How to Improve Incident Response with Attack Surface Management](https://slcyber.io/blog/how-to-improve-incident-response-with-attack-surface-management/) - Boost incident response with attack surface management. Discover how ASM enhances visibility, speeds detection, and helps resolve threats faster. - [What is The Invisible Internet Project (I2P)?](https://slcyber.io/what-is-the-invisible-internet-project-i2p/) - Learn what I2P is, how it works, and why dark web users are shifting to it as a Tor alternative. Understand its role in emerging cybercrime trends. - [Attack-For-Hire Services: The Evolution of DDoS](https://slcyber.io/attack-for-hire-services-the-evolution-of-ddos/) - Our threat intelligence analysts assess tools for sale on dark web forums that help criminals to launch their own distributed denial-of-service (DDoS) attacks. - [How Dark Web Monitoring is Overcoming the Challenge of Tracing Illicit Cryptocurrency Transactions](https://slcyber.io/how-dark-web-monitoring-is-overcoming-the-challenge-of-tracing-illicit-cryptocurrency-transactions/) - We discuss the challenges law enforcement face when tracing the use of cryptocurrency by cybercriminals on the dark web, and how dark web monitoring can help. - [Why Dark Web Monitoring Is Worth the Cost](https://slcyber.io/why-dark-web-monitoring-is-worth-the-cost/) - Dark Web Monitoring protects sensitive data from cyber threats. Learn why businesses say investing in Dark web Monitoring is worth it. Read to Learn More! - [Using EASM and Dark Web Monitoring to Identify Vulnerabilities](https://slcyber.io/using-easm-and-dark-web-monitoring-to-identify-vulnerabilities/) - Discover how EASM and dark web monitoring help uncover hidden vulnerabilities, strengthen security posture, and protect your business from cyber risks. - [How Dark Web Monitoring Helps Counter Terrorism Threats](https://slcyber.io/how-dark-web-monitoring-can-overcome-the-challenges-of-policing-terrorism-on-the-dark-web/) - Check out the challenges law enforcement face when tracking and tracing terrorist networks on the dark web and uncover how these challenges can be overcome. - [Attack Surface Management Software: Why it’s Critical for Cybersecurity](https://slcyber.io/blog/attack-surface-management-software-why-its-critical-for-cybersecurity/) - Discover how Attack Surface Management software enhances cybersecurity by identifying external vulnerabilities and reducing your organization’s attack exposure. - [Using External Attack Surface Management (EASM) and Dark Web Monitoring in Tandem](https://slcyber.io/using-external-attack-surface-management-easm-and-dark-web-monitoring-in-tandem/) - Discover how combining External Attack Surface Management with Dark Web Monitoring uncovers hidden threats, reduces risk, and strengthens security. - [November 5th - This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/november-5th-this-weeks-top-cybersecurity-and-dark-web-stories/) - Read more about the warning issued regarding ongoing unpatched Cisco devices, the data breach on the Swedish power grid, and how European diplomats are being exploited using Windows zero-day. - [November 26th - This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/november-26th-this-weeks-top-cybersecurity-and-dark-web-stories/) - Dive into this week’s top cybersecurity and dark web news stories including the exposure of BadAudio malware, the CrowdStrike insider feeding information to hackers, and the sanctions imposed on Media Land. - [November 19th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/november-19th-this-weeks-top-cybersecurity-and-dark-web-stories/) - Learn more about this week's top cybersecurity news including the latest phase of Operation Endgame, the new phishing wave targeting hospitatlity, and the RondoDox botnet. - [November 12th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/november-12th-this-weeks-top-cybersecurity-and-dark-web-stories/) - Read more about the hacking of the congressional budget office, the novel backdoor identified by Microsoft, and the German-led law enforcement targeting three major fraud and money laundering networks. - [December 17th - This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/december-17th-this-weeks-top-cybersecurity-and-dark-web-stories/) - Dive into this week's cybersecurity and dark web news stories, including advanced AI models posing cybersecurity risks, the French government confirming an attack, and the new advanced phishing kits identified. - [December 10th - This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/december-10th-this-weeks-top-cybersecurity-and-dark-web-stories/) - Dive into this week's cybersecurity and dark web news stories, including the critical React2Shell flaw being actively exploited, BRICKSTORM being attributed to People's Republic of China, and Europol shutting down Cryptomixer. - [How Does the Ransomware Landscape Look for 2025?](https://slcyber.io/blog/how-does-the-ransomware-landscape-look-in-2025/) - In this blog we will uncover the state of the current ransomware landscape and discuss how monitoring tools can help reduce the threat of attack. - [What are Supply Chain Attacks?](https://slcyber.io/blog/what-are-supply-chain-attacks/) - Learn what supply chain attacks are, how they work, and why they pose a serious cybersecurity risk to businesses across industries. Read to Learn More! - [Why is Ransomware Still a Popular Attack Technique?](https://slcyber.io/why-is-ransomware-still-a-popular-attack-technique/) - Ransomware remains a top cyberattack method due to high payouts, easy deployment, and evolving tactics. Learn why it persists and how organizations can stay protected. - [Overcoming the Challenges of Cybercriminals Trafficking Illegal Goods from the Dark Web](https://slcyber.io/overcoming-the-challenges-of-cybercriminals-trafficking-illegal-goods-from-the-dark-web/) - Learn how selling illicit goods on the dark web has challenged law enforcement, and how investigation tools can help put cybercriminals being put behind bars. - [Warlock Ransomware Gang Targets Orange and Colt](https://slcyber.io/blog/warlock-ransomware-gang-targets-orange-and-colt/) - In this blog learn more about the cyberattacks on Orange and Colt by Warlock. - [October 8th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/october-8th-this-weeks-top-cybersecurity-and-dark-web-stories/) - Dive into this week's top cybersecurity and dark web news stories, including the resurfacing of the XWorm malware, the extortion emails received by Oracle customers, and the cyberattack affecting Renault UK. - [October 29th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/october-29th-this-weeks-top-cybersecurity-and-dark-web-stories/) - Read more about the cybercrime-as-a-service network take down, the critical WSUS flaw in Windows server, and Japanese retailers halt online sales following cyberattack. - [October 22nd - This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/october-22nd-this-weeks-top-cybersecurity-and-dark-web-stories/) - Read more on this week’s top cybersecurity and dark web news stories including the F5 cybersecurity breach, Google ads for fake sites deliver infostealer malware, and fake password manager alerts lead to PC hijacks. - [October 15th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/october-15th-this-weeks-top-cybersecurity-and-dark-web-stories/) - Dive into this week’s top cybersecurity and dark web news stories including the new Android spyware imitating apps, the hackers leaking Salesforce data, and Discords third-party cyberattack. - [Strengthening Cybersecurity with Digital Footprint Monitoring Using EASM and Dark Web Tools](https://slcyber.io/see-your-digital-footprint-from-a-criminals-point-of-view-with-easm-and-dark-web-monitoring/) - Discover how digital footprint monitoring with EASM and dark web tools helps you see what attackers see, uncover risks, and strengthen cyber defense. - [What is Dark Web Monitoring?](https://slcyber.io/what-is-dark-web-monitoring/) - Dark web monitoring tracks stolen data and cyber threats on hidden networks. Learn its Meaning, benefits, challenges, and how it protects your business from cyber risks. - [September 24th – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/september-24th-this-weeks-top-cybersecurity-and-dark-web-stories/) - Infostealer targets MacOS users, major European airports hit by cyberattack, and teenagers charged in TfL cyberattack. - [September 17th - This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/september-17th-this-weeks-top-cybersecurity-and-dark-web-stories/) - HybridPetya ransomware strain, French authorities shutting down a dark web forum, and the VoidProxy phishing campaign targeting Microsoft and Google. - [Chinese-State Sponsored Group Breaches Global Telecoms Networks](https://slcyber.io/blog/chinese-state-sponsored-group-breaches-global-telecoms-networks/) - In this blog series we spotlight one of the stories from our cybersecurity newsletter, Beacon. - [September 10th - This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/this-weeks-top-cybersecurity-and-dark-web-stories/) - Read more about this week's top cybersecurity and dark web news stories. - [October 1st – This Week’s Top Cybersecurity and Dark Web Stories](https://slcyber.io/blog/october-1st-this-weeks-top-cybersecurity-and-dark-web-stories/) - Dive into this week's dark web and cybersecurity news including the Nimbus Manticore malware, Akira ransomware, and the threat to New York cell networks. - [Modernizing Vulnerability Management in Today's Threat Environment](https://slcyber.io/blog/modernizing-vulnerability-management-in-todays-threat-environment/) - Learn how modern vulnerability management helps organizations stay ahead of today’s evolving threat landscape with smarter detection and faster remediation. - [What Is The Blind Spot In Your Attack Surface?](https://slcyber.io/blog/what-is-the-blind-spot-in-your-attack-surface/) - Uncover blind spots in your attack surface and detect threats early. Strengthen cyber defense with Searchlight Cyber’s expert insights. - [What Financial Data is Sold on Dark Web Marketplaces?](https://slcyber.io/what-financial-data-is-sold-on-dark-web-marketplaces/) - Due to its anonymity, the dark web is a haven for those who wish to trade in illegal goods, including financial data. This blog looks at dark web marketplaces. - [Using Dark Web Monitoring For Supply Chain Cybersecurity](https://slcyber.io/using-dark-web-monitoring-for-supply-chain-cybersecurity/) - We've launched a new feature to help organizations address the dark web exposure of their suppliers. - [Unpicking the Truth Behind LockBit's Latest Exploits in Italy](https://slcyber.io/unpicking-the-truth-behind-lockbits-latest-exploits-in-italy/) - This week, LockBit released data that it claimed belonged to the Italian Revenue Agency. This turned out to be false. - [Tor2(Run Out The Back)Door: Exit Scam or Seizure?](https://slcyber.io/tor2run-out-the-backdoor-exit-scam-or-seizure/) - We take a closer look at Tor2Door as the illicit market, one of the biggest on the dark web, goes quiet. - [Three Times Supply Chain Compromise Was Visible on the Dark Web](https://slcyber.io/three-times-supply-chain-comprimise-was-visible-on-the-dark-web/) - The attack surface is not something that’s contained within the boundaries of your 'network fortress'. - [Three Notable Dark Web Law Enforcement Takedowns of 2024 So Far](https://slcyber.io/three-notable-dark-web-law-enforcement-takedowns-of-2024-so-far/) - We discuss the three of the biggest dark web takedowns of 2024 and how law enforcement have succeeded in disrupting criminal behavior on markets and forums. - [Threat Intelligence on Vice Society's Dark Web Footprint](https://slcyber.io/threat-intelligence-on-vice-societys-dark-web-footprint/) - Today we have launched our first Ransomware Spotlight containing threat intelligence on the notorious ransomware group Vice Society. - [Part Two: The Rise of Infostealer Malware on the Dark Web](https://slcyber.io/part-two-the-rise-of-infostealer-malware-on-the-dark-web/) - How can you identify infostealer activity by monitoring outside of your network if they are designed to be persistent and avoid network security solutions? - [Operation Synergia II Takes Down 22,000 Malicious IP Addresses](https://slcyber.io/operation-synergia-ii-takes-down-22000-malicious-ip-addresses/) - Operation Synergia II dismantles 22,000 malicious IP addresses used in global cyberattacks. Learn how this coordinated effort disrupted major threat actors. - [LockBit Claims, Then Denies, Then Claims Attack on Royal Mail](https://slcyber.io/lockbit-claims-then-denies-then-claims-attack-on-royal-mail/) - Threat Intelligence Analyst Louise Ferrett unpicks ransomware group LockBit’s obfuscation of a recent cyberattack. - [LAPSUS$: The Next Generation of Financial Threat Actors?](https://slcyber.io/lapsus-the-next-generation-of-financial-threat-actors/) - LAPSUS$ has been making waves in the data extortion scene, becoming increasingly ambitious and outspoken with each attack. - [How Can You Stop Executive Threats With Dark Web Intelligence?](https://slcyber.io/how-can-you-stop-executive-threats-with-dark-web-intelligence/) - Executives’ personal information can often be found on dark web forums, on paste bins, or dox sites without them knowing about it. - [How Can You Spot an Insider Threat With Dark Web Intelligence?](https://slcyber.io/how-can-you-spot-an-insider-threat-with-dark-web-intelligence/) - September was national insider threat awareness month. - [Generative AI on the Dark Web: The Case of the XSSBot](https://slcyber.io/generative-ai-on-the-dark-web-the-case-of-the-xssbot/) - Threat Intelligence Engineer Joe Honey examines XSSBot, an account on the dark web hacking forum XSS that appears to be powered by Generative AI. - [Evil Corp and LockBit Ties Uncovered in Operation Cronos](https://slcyber.io/evil-corp-and-lockbit-ties-uncovered-in-operation-cronos/) - Operation Cronos uncovers ties between Evil Corp and the LockBit ransomware group. Explore how authorities linked the two in this major cybercrime investigation. - [Everest Ransomware Group Increases Initial Access Broker Activity](https://slcyber.io/everest-ransomware-group-increases-initial-access-broker-activity/) - Searchlight Cyber's latest Ransomware Spotlight research focuses on the Everest ransomware group, who is increasingly acting as an Initial Access Broker - [Cybercriminals Targeting Financial Institutions From The Dark Web](https://slcyber.io/cybercriminals-targeting-financial-institutions-from-the-dark-web/) - Financial institutions could find the early warning signs of attack where cybercriminals organize themselves: on the dark web. - [Brazil’s Federal Police Announce Arrest of Notorious Hacker USDoD](https://slcyber.io/brazils-federal-police-announce-arrest-of-notorious-hacker-usdod/) - Brazil’s Federal Police arrest notorious hacker 'USDoD' linked to major cybercrimes and data breaches. Read more about the operation and its implications. - [Blue Yonder Ransomware Attack Disrupts Grocery Store Supply Chain](https://slcyber.io/blue-yonder-ransomware-attack-disrupts-grocery-store-supply-chain/) - Blue Yonder hit by ransomware attack, disrupting grocery store supply chains and operations. Learn how this cyberattack impacts the retail logistics sector. - [Winning the Cybersecurity Arms Race: Dark Web Traffic Monitoring](https://slcyber.io/winning-the-cybersecurity-arms-race-dark-web-traffic-monitoring/) - Adam Wilson, Product Manager at Searchlight Cyber, explains how Dark Web Traffic Monitoring can be used to gain the advantage over the adversary. - [Threat Intelligence Tools: What Financial Institutions Should Look for](https://slcyber.io/blog/what-banks-fintechs-investment-firms-need-from-threat-intelligence-tools/) - Explore why financial institutions are prime cybercrime targets and what features to seek in threat intelligence tools to protect assets and ensure compliance. - [Threats to Business Executives from the Dark Web](https://slcyber.io/blog/threats-to-business-executives-from-the-dark-web/) - In this blog we dive into the subject of executive threats and how business leaders and high profile employees may be at threat from the dark web. - [The Next Chapter for Searchlight Cyber](https://slcyber.io/the-next-chapter-for-searchlight-cyber/) - Our co-founders Ben Jones and Dr. Gareth Owenson explain what new investment from Charlesbank Capital Partners means for the future of Searchlight Cyber. - [The Need for Attack Surface Management in Modern Enterprises](https://slcyber.io/blog/the-need-for-attack-surface-management-in-modern-enterprises/) - In this blog we discuss the ongoing need for modern enterprises to implement Attack Surface Management tools and the many benefits of doing so. - [Sanctions on Nemesis Marketplace Admin Announced](https://slcyber.io/blog/sanctions-on-nemesis-marketplace-admin-announced/) - Sanctions imposed on Nemesis Marketplace admin for facilitating illegal activities on the dark web. Discover the impact of this enforcement action. - [Mitigating the Risk of Initial Access Brokers](https://slcyber.io/mitigating-the-risk-of-initial-access-brokers/) - Our Initial Access Brokers blog discusses how cybersecurity teams can mitigate the risk of an attack by monitoring the dark web. - [Lumma Stealer Disrupted Following Europol and Microsoft Operation](https://slcyber.io/blog/lumma-stealer-disrupted-following-europol-and-microsoft-operation/) - Learn more about the action from law enforcement that resulted in the dismantling of Lumma Stealer. - [LockBit in its Own Words: Further Analysis of the LockBit Data Leak](https://slcyber.io/blog/lockbit-in-its-own-words/) - The Searchlight Cyber Threat Intelligence team shares further observations from its ongoing analysis of the LockBit leak data. - [Google Confirms Data Breach Linked to ShinyHunters](https://slcyber.io/blog/google-confirms-data-breach-linked-to-shinyhunters/) - In this blog learn more about the data breach affecting Google customers. - [Dark Web Drug Market Archetyp Taken Down in Europe-Wide Action](https://slcyber.io/blog/dark-web-drug-market-archetyp-taken-down-in-europe-wide-action/) - In this blog learn more about the dismantling of Archetyp Marketplace in a coordinated law enforcement operation. - [Cartier Confirms Data Breach and Warns Customers They Could Become Targets](https://slcyber.io/blog/cartier-confirms-data-breach-and-warns-customers-they-could-become-targets/) - In this blog learn more about the data breach that's hit luxury brand Cartier. - [Active Exploits Target SharePoint Servers](https://slcyber.io/blog/active-exploits-target-sharepoint-servers/) - In this blog learn more about Microsoft's guidance on the exploitation of SharePoint's vulnerabilities. - [2023 in Review: Hacking Forums and Dark Web Marketplaces](https://slcyber.io/2023-in-review-hacking-forums-and-dark-web-marketplaces/) - The Searchlight Cyber threat intelligence team takes a look at hacking forums and dark web marketplaces to see how the landscape has changed over 2023. - [Salesforce Attack Developments: Scattered Spider and ShinyHunters Team Up](https://slcyber.io/blog/salesforce-attack-developments-scattered-spider-and-shinyhunters-team-up/) - This week's Beacon Spotlight looks at the unholy alliance that has emerged between the hacking collectives ShinyHunters and Scattered Spider - [What Are the Top Languages Used on the Dark Web?](https://slcyber.io/what-are-the-top-languages-used-on-the-dark-web/) - We look at the most common languages spoken on the dark web following the launch of Searchlight Cyber’s new AI-powered language translation capabilities. - [Webinar Recap: Ransomware in H1 2024](https://slcyber.io/webinar-recap-ransomware-in-h1-2024/) - If you missed our “Ransomware in H1 2024 – Dark Web Trends, Groups & Insights” webinar, this blog takes you through three of our key takeaways. - [Russian Zero-Day Seller Offers $4m For Exploits in Telegram](https://slcyber.io/blog/russian-zero-day-seller-offers-4m-for-exploits-in-telegram/) - Operation Zero announced on Thursday that it’s seeking one-click and zero-click remote code execution (RCE) exploits in the messaging app Telegram. - [International Operation Disrupts Pro-Russian Cybercriminal Gang NoName057(16)](https://slcyber.io/blog/international-operation-disrupts-pro-russian-cybercriminal-gang-noname05716/) - In this blog learn about the international operation that has disrupted pro-Russian cybercriminal gang NoName057(16). - [How to Sell Dark Web Intelligence to Your Clients: Tips for MSSPs](https://slcyber.io/how-to-sell-dark-web-intelligence-to-your-clients-tips-for-mssps/) - In this blog post, we provide some tips for MSSPs on how to effectively sell dark web intelligence to clients. - [How to Check if Your Data is on the Dark Web](https://slcyber.io/blog/how-to-check-if-your-data-is-on-the-dark-web/) - How does an organization's data end up on the dark web? We explore the ways cybercriminals exfiltrate data and how dark web monitoring can prevent this. - [How Can Activity on the Dark Web Affect Elections?](https://slcyber.io/how-can-activity-on-the-dark-web-affect-elections/) - In this blog we discuss the potential threats from the dark web that could have an impact on the elections that are happening around the world this year. - [Dark Web Threats Against The Banking Sector](https://slcyber.io/dark-web-threats-against-the-banking-sector/) - Our latest report looks at the most common threats we observe against the banking sector on the dark web - including Initial Access Brokers, insider threats, and supply chain attacks. - [Placing the Dark Web in the Cyber Threat Landscape](https://slcyber.io/csam-placing-the-dark-web-in-the-cyber-threat-landscape/) - Read this blog from our CEO Ben Jones to learn more about how cybercriminals use the dark web this Cybersecurity Awareness Month. - [Cl0p Orchestrates Mass Attack With MOVEit Transfer Zero Day](https://slcyber.io/cl0p-orchestrates-mass-attack-with-moveit-transfer-zero-day/) - The Searchlight Cyber threat intelligence team provides context on the MOVEit Transfer cyberattack and the Cl0p ransomware group behind it. - [CISO Report: How Enterprises Are Using Dark Web Intelligence](https://slcyber.io/ciso-report-how-enterprises-are-using-dark-web-intelligence/) - Searchlight Cyber's latest research looks at how large enterprises are using dark web intelligence to improve their security posture. - [2023 in Review: Threat Actors and Motivations](https://slcyber.io/2023-in-review-threat-actors-and-motivations/) - We take a look at the profiles of some of the most active threat actors of the year and assess the motivations that drove cybercriminal activity in 2023. - [2023 in Review: Malware and Vulnerabilities](https://slcyber.io/2023-in-review-malware-and-vulnerabilities/) - The Searchlight Cyber threat intelligence team highlights new malware and some of the most popular vulnerabilities exploited by hackers over the past year. - [2023 in Review: Attacks Against Financial Institutions](https://slcyber.io/2023-in-review-attacks-against-financial-institutions/) - Searchlight’s threat intelligence team looks at noteworthy cyberattacks against decentralized financial institutions and cryptocurrency exchanges in 2023. - [Hunters International Shuts Down and Offers Free Decryptors](https://slcyber.io/blog/hunters-international-shuts-down-and-offers-free-decryptors/) - In this blog learn more about the shut down of Hunters International and its offer of free decryptors. - [Orange Confirms Cyberattack Disrupting French Customers](https://slcyber.io/blog/orange-confirms-cyberattack-disrupting-french-customers/) - In this blog learn more about the cyberattack impacting Orange and their French customers. - [How Tor Works](https://slcyber.io/how-tor-works/) - Learn how Tor anonymizes internet activity using onion routing. Discover who uses Tor, how it works, and why it's a gateway to the dark web’s hidden services. - [Cybercrime on Telegram: Scams, Illegal Commodities, and Phishing Sites for Sale](https://slcyber.io/cybercrime-on-telegram-scams-illegal-commodities-and-phishing-sites-for-sale/) - Explore how cybercriminals use Telegram to sell phishing sites, offer Refund-as-a-Service, and trade illegal goods like fake IDs, drugs, and stolen data. - [Cybercrime on Telegram: Bank Logs and Fullz, Bypassing MFA, and Cashing Out](https://slcyber.io/cybercrime-on-telegram-bank-logs-and-fullz-bypassing-mfa-and-cashing-out/) - Explore how cybercriminals sell logs and fullz on Telegram, bypass MFA with OTP bots and SIM swaps, and cash out stolen funds with insider help. - [How Law Enforcement is Disrupting Ransomware Gangs](https://slcyber.io/how-law-enforcement-is-disrupting-ransomware-gangs/) - Explore how law enforcement uses dark web monitoring to track, disrupt, and dismantle ransomware gangs, with real-world takedown case studies and insights. - [Overcoming the Challenges of Policing Drug Trafficking on the Dark Web](https://slcyber.io/overcoming-the-challenges-of-policing-drug-trafficking-on-the-dark-web/) - Explore the challenges of policing drug trafficking on the dark web and how dark web tools help law enforcement uncover, track, and prosecute cybercriminals. - [Cybercrime on Telegram: A Connection to the Dark Web](https://slcyber.io/cybercrime-on-telegram-a-connection-to-the-dark-web/) - Explore how cybercriminals use the Telegram app while staying connected to dark web hacking forums and expanding their reach across illicit online networks. - [Top Tips: Five Things Tech Applicants Should Look for When Interviewing](https://slcyber.io/top-tips-five-things-tech-applicants-should-look-for-when-interviewing/) - It’s no secret that tech skills are in high demand. But how do you make sure you're choosing the right role? - [Dark Web Trends Your Business Should Look Out For in 2025](https://slcyber.io/dark-web-trends-your-business-should-look-out-for-in-2025/) - In this blog we look at some of the cybersecurity and dark web trends that organizations should be aware of for 2025. - [Cl0p Ransomware Returns to Old Tactics With Cleo Mass Hack](https://slcyber.io/cl0p-ransomware-returns-to-old-tactics-with-cleo-mass-hack/) - Cl0p ransomware has returned to its old tricks with its latest slew of attacks, using zero-day vulnerabilities in the Cleo file transfer platform. - [Webinar Recap: Dark web intelligence for MSSPs – From SOC to Incident Response](https://slcyber.io/webinar-recap-dark-web-intelligence-for-mssps-from-soc-to-incident-response/) - Missed our webinar? This blog takes you through the key takeaways from our recent “Dark web intelligence for MSSPs – From SOC to Incident Response” webinar. - [Global Law Enforcement Takedown Disrupts Prolific Cybercrime Tool AVCheck](https://slcyber.io/blog/global-law-enforcement-takedown-disrupts-prolific-cybercrime-tool-avcheck/) - Dive into this blog to learn more about the law enforcement takedown that has disrupted prolific cybercrime tool AVCheck. - [Alleged Administrators of Bohemia and Cannabia Dark Web Markets Arrested](https://slcyber.io/alleged-administrators-of-bohemia-and-cannabia-dark-web-markets-arrested/) - The alleged administrators of the notorious Bohemia and Cannabia dark web markets have been arrested after reportedly shutting down their dark web sites and attempting to escape with their profits. - [Bohemia Administrators Blame “Rogue” Developer For Dark Web Market Disruption](https://slcyber.io/bohemia-administrators-blame-rogue-developer-for-dark-web-market-disruption/) - Our threat intelligence analysts take a closer look at developments on the dark web marketplace Bohemia, which has been plagued by disruption over recent months - [Pay2Key Ransomware Gang Resurfaces with Geopolitical Focus](https://slcyber.io/blog/pay2key-ransomware-gang-resurfaces-with-geopolitical-focus/) - Learn more about the resurfacing of the Pay2Key ransomware gang and their new geopolitical focus. - [Global Crackdown Leads to BreachForums Arrest](https://slcyber.io/blog/global-crackdown-leads-to-breachforums-arrest/) - In this blog learn more about the global crackdown that lead to BreachForums Arrest. - [Rydox Marketplace Seized and Three Arrested in Connection with its Operation](https://slcyber.io/rydox-marketplace-seized-and-three-arrested-in-connection-with-its-operation/) - Rydox Marketplace seized and three suspects arrested in major dark web takedown. Learn how authorities dismantled this illicit online operation. - [Russian Court Cracks Down on Hydra Marketplace Leader with Life Sentence](https://slcyber.io/russian-court-cracks-down-on-hydra-marketplace-leader-with-life-sentence/) - Russian court sentences Hydra Marketplace leader to life in prison, marking a major move against dark web crime. Explore the case and its global impact. - [Payment Provider Data Breach Exposes Credit Card Information of 1.7 million Customers](https://slcyber.io/payment-provider-data-breach-exposes-credit-card-information-of-1-7-million-customers/) - Payment provider suffers data breach exposing credit card information of 1.7 million customers. Find out how the attack happened and what’s at risk. - [Ohio Man Sentenced to Three Years in Prison for Dark Web Bitcoin Laundering Service](https://slcyber.io/ohio-man-sentenced-to-three-years-in-prison-for-dark-web-bitcoin-laundering-service/) - Ohio man sentenced to three years in prison for operating a dark web Bitcoin laundering service. Read how authorities tracked and prosecuted the operation. - [Microsoft President Urges Stronger U.S. Action Against Nation-State Cyberattacks](https://slcyber.io/microsoft-president-urges-stronger-u-s-action-against-nation-state-cyberattacks/) - Microsoft President calls for stronger U.S. action against nation-state cyberattacks, urging policy reforms and enhanced digital defense strategies. - [LAPSUS$ and DarkSide: How Threat Groups Communicate on the Dark Web](https://slcyber.io/lapsus-and-darkside-how-threat-groups-communicate-on-the-dark-web/) - It may sound strange, but sometimes ransomware groups in the dark web want to be seen. - [Japan’s FSA Warns of Surge in Securities Account Takeovers](https://slcyber.io/blog/japans-fsa-warns-of-surge-in-securities-account-takeovers/) - Learn more about Japan’s FSA warning of a surge in securities account takeovers. - [Iran Pays $3 Million Ransom Following Cyberattack on Banking Infrastructure](https://slcyber.io/iran-pays-3-million-ransom-following-cyberattack-on-banking-infrastructure/) - In this blog series, we are spotlighting and diving deeper into one of the stories we share each week in our cybersecurity newsletter, Beacon. - [Gaining Visibility of the Entire Ransomware Kill Chain: Dark Reading Webinar Recap](https://slcyber.io/gaining-visibility-of-the-entire-ransomware-kill-chain-dark-reading-webinar-recap/) - Did you miss our “Gaining visibility of the entire ransomware kill chain” webinar? This blog rounds up some of the key takeaways. - [Free Mobile Hit By Major Cyberattack Exposing Personal Data of 20 Million Customers](https://slcyber.io/free-mobile-hit-by-major-cyberattack-exposing-personal-data-of-20-million-customers/) - Free Mobile suffers a major cyberattack exposing the personal data of 20 million customers. Get details on the breach and its impact on user privacy. - [Dynamics on Hacking Forums: How do Threat Actors Trust Each Other?](https://slcyber.io/dynamics-on-hacking-forums-how-do-threat-actors-trust-each-other/) - We explain the systems put in place by hacking forums - like reputation scores and cryptocurrency down payments - to facilitate trust between threat actors - [Coordinated Police Activities Result in the Infiltration of Encrypted Messaging App Ghost and Arrest Dozens](https://slcyber.io/coordinated-police-activities-result-in-the-infiltration-of-encrypted-messaging-app-ghost-and-arrest-dozens/) - Coordinated police raids infiltrate the encrypted messaging app 'Ghost,' leading to dozens of arrests. Discover how global law enforcement cracked the network - [Bridging the Dark Web Investigation Skills Gap with The Dark Web Academy](https://slcyber.io/bridging-the-dark-web-investigation-skills-gap-with-the-dark-web-academy/) - An overview of The Dark Web Academy, a course in dark web investigations launched today by Searchlight Cyber for law enforcement and cybersecurity professionals - [ASAP Administrator Announces That Notorious Dark Web Marketplace is Closing](https://slcyber.io/asap-administrator-announces-that-notorious-dark-web-marketplace-is-closing/) - An ASAP administrator has announced that the notorious dark web marketplace is closing down for “retirement” in a few weeks. - [Alleged LockBit Developer Charged As The Ransomware Group Teases LockBit 4.0](https://slcyber.io/alleged-lockbit-developer-charged-as-the-ransomware-group-teases-lockbit-4-0/) - Rostislav Panev, 51, a dual citizen of Russia and Israel, has been charged in the US with developing and maintaining the source code of the LockBit ransomware. - [RedLine and META Infostealers Targeted in Operation Magnus](https://slcyber.io/redline-and-meta-infostealers-targeted-in-operation-magnus/) - Operation Magnus targets RedLine and META infostealers in a global crackdown on malware distribution. Discover how authorities disrupted these cyber threats. - [Hacktivist Activity in Russian-Ukraine War Persists](https://slcyber.io/blog/hacktivist-activity-in-russian-ukraine-war-persists/) - Hacktivist activity in the Russia-Ukraine war continues, with cyberattacks and digital warfare escalating. Explore the latest developments in this conflict. - [FBI seizes Cracked.io and Nulled.to Hacking Forums](https://slcyber.io/blog/fbi-seizes-cracked-io-and-nulled-to-hacking-forums/) - FBI seizes popular hacking forums Cracked.io and Nulled.to in major cybercrime crackdown. Discover how law enforcement took down these underground sites. - [Cyberattack to Blame for Recent X Outage](https://slcyber.io/blog/cyberattack-to-blame-for-recent-x-outage/) - A cyberattack is reportedly behind the recent outage of social media platform X. Uncover the details and impact of this major disruption. - [BlackBasta Chat Logs Leaked](https://slcyber.io/blog/blackbasta-chat-logs-leaked/) - BlackBasta ransomware gang's internal chat logs leaked, revealing operations, tactics, and insider conversations. Explore the full details of the breach. - [4chan Forum Hacked and Internal Data Leaked](https://slcyber.io/blog/4chan-forum-hacked-and-internal-data-leaked/) - 4chan forum reportedly hacked with internal data leaked online, exposing sensitive user info and admin details. Get the full scoop on this major breach - [Early Analysis of the LockBit Data Leak](https://slcyber.io/blog/early-analysis-of-the-lockbit-data-leak/) - The Searchlight Cyber threat intelligence team shares its initial observations following a data leak from the LockBit ransomware group - [2023 in Review: Cyberattack Techniques](https://slcyber.io/2023-in-review-cyberattack-techniques/) - Cyberattack techniques being implemented in 2023, including instances of insider threat and social engineering services we observed being sold on the dark web. - [Emerging Threats from AI on the Dark Web](https://slcyber.io/blog/emerging-threats-from-ai-on-the-dark-web/) - In this blog we explore what the effect of Artificial Intelligence is on the cybersecurity landscape and delve deeper into dark web AI. - [Legal Aid Agency Confirms Data Breach](https://slcyber.io/blog/legal-aid-agency-confirms-data-breach/) - Learn more about the recent cyberattack on the UK's Legal Aid Agency. - [How Can Continuous Asset Discovery Prevent Security Blind Spots?](https://slcyber.io/blog/how-can-continuous-asset-discovery-prevent-security-blind-spots/) - In this blog we discuss why periodic scanning can leave your digital assets exposed and how continuous asset discovery closes the window of exposure. - [Scattered Spider Linked to Marks & Spencer Cyberattack](https://slcyber.io/blog/scattered-spider-linked-to-marks-spencer-cyberattack/) - As Marks and Spencer continue to deal with the fallout of the cyber incident, Scattered Spider have been linked to the cyberattack. - [The Most Prolific Ransomware Groups to be Aware of Now](https://slcyber.io/blog/the-most-prolific-ransomware-groups-to-be-aware-of-now/) - Ransomware is on the rise. While organizations should up their cybersecurity efforts, it's not now just enough for them to simply be aware of the threat. - [Slopsquatting Supply Chain Threat](https://slcyber.io/blog/slopsquatting-supply-chain-threat/) - In this blog series we spotlight one of the stories from our cybersecurity newsletter, Beacon - [The Growing Threat Posed by Hacktivist Groups](https://slcyber.io/blog/the-growing-threat-posed-by-hacktivist-groups/) - Most hackers are driven by financial gains, hacktivists are driven by ideology, which makes the outcome of their actions unpredictable and more damaging. - [International Law Enforcement Seizes 8Base Ransomware Gang’s Leak Site](https://slcyber.io/blog/international-law-enforcement-seizes-8base-ransomware-gangs-leak-site/) - Law enforcement agencies have taken down the dark web leak site of the 8Base ransomware gang as part of a coordinated operation. - [The Dark Web and Keeping Your Business Safe](https://slcyber.io/the-dark-web-and-keeping-your-business-safe/) - In this blog we discuss why the dark web is a threat to organizations and how dark web monitoring and investigation can keep businesses safe. - [The Risks of Not Keeping an Eye on the Dark Web](https://slcyber.io/the-risks-of-not-keeping-an-eye-on-the-dark-web/) - In this blog we discuss the risks of organizations not monitoring the dark web on a regular basis. - [Deep Web VS Dark Web Investigations](https://slcyber.io/blog/deep-web-vs-dark-web-investigations/) - What’s the difference between the deep web and the dark web? In this blog we take a look at how these two parts of the internet differ, plus discuss their risks, and how they can be safely monitored for cybersecurity threats. - [Why Awareness is Key to Preventing Dark Web Attacks](https://slcyber.io/blog/why-awareness-is-key-to-preventing-dark-web-attacks/) - In this blog we discuss the tactics cybercriminals use to attack organizations, and why awareness of these vectors is key for dark web business protection. - [Conti Attack on Costa Rica: Who is UNC1756?](https://slcyber.io/blog/conti-attacks-costa-rica/) - On April 16, 2022, the Conti News ransomware PR site posted the gang's newest victim: the Ministry of Finance of Costa Rica. - [Financial Crimes on the Dark Web](https://slcyber.io/blog/financial-crimes-on-the-dark-web/) - There is an opportunity for financial services organizations to identify - and stop - criminal activity that could affect their customers. - [Part One: The Rise of Infostealer Malware on the Dark Web](https://slcyber.io/blog/part-1-the-rise-of-infostealer-malware-on-the-dark-web/) - Part one of this blog dives into infostealer malware, explaining how infostealers work and the damage they can cause to organizations. - [Hydra's Collapse Forces Cybercriminals to Regroup](https://slcyber.io/blog/hydras-collapse-forces-cybercriminals-to-regroup/) - Hydra, the world's largest and longest-serving dark web market was forced offline last week following the seizure of its server infrastructure in Germany. - [Yes, Company Credentials on the Dark Web Are a Problem](https://slcyber.io/blog/yes-company-credentials-on-the-dark-web-are-a-problem/) - Is MFA enough to render the emails and passwords leaked on the dark web redundant? In short, no. - [Dark Web Threats Against The Energy Industry](https://slcyber.io/blog/dark-web-threats-against-the-energy-industry/) - New Searchlight Cyber threat intelligence report exposes how cybercriminals selling initial access to energy industry companies on dark web forums. - [Fighting For Child Protection On The Dark Web](https://slcyber.io/blog/fighting-for-child-protection-on-the-dark-web/) - We were proud to sponsor and speak at the NCPTF annual conference, which took place in the last week of June. - [Clear, Deep, and Dark Web: Beyond the Iceberg](https://slcyber.io/blog/clear-deep-and-dark-web-beyond-the-iceberg/) - In cybersecurity discourse, phrases such as clear, deep, and dark web are often used in various contexts to mean different things. - [Dark Web and Cybersecurity Predictions for 2023](https://slcyber.io/blog/dark-web-and-cybersecurity-predictions-for-2023/) - Our experts give their predictions on what dark web and cybersecurity trends they expect to be prominent in the year ahead. - [An Insider’s Guide to Digital Forensics and Incident Response (DFIR): Webinar Recap](https://slcyber.io/blog/an-insiders-guide-to-digital-forensics-and-incident-response-dfir-webinar-recap/) - In our latest webinar, our expert talked about, and explored, the vital role of Digital Forensics and Incident Response (DFIR). - [Verizon DBIR 2022: Combating Criminal Efficiency](https://slcyber.io/blog/verizon-dbir-2022-combating-criminal-efficiency/) - This week Verizon released its annual Data Breach Investigations Report (DBIR). - [A Timeline of Events: Operation Cronos and LockBit](https://slcyber.io/blog/a-timeline-of-events-operation-cronos-and-lockbit/) - The Searchlight Cyber threat intelligence team explains how the events of Operation Cronos led up to the sanction and unmasking of LockBit’s leader. - [Crypto and DeFi Hacks Q1 2024](https://slcyber.io/blog/crypto-and-defi-hacks-q1-2024/) - Carlito Perschky provides an overview of the most noteworthy crypto-related hacks of Q1, which saw multiple attacks against DeFi institutions. - [How to Prepare for ISO 27001:2022](https://slcyber.io/blog/how-to-prepare-for-iso-27001-2022/) - An overview of the ISO 27001:2022 standard and how organizations can comply with the new threat intelligence requirements before the deadline in 2025. - [The Value of Dark Web Intelligence for MSSPs](https://slcyber.io/blog/the-value-of-dark-web-intelligence-for-mssps/) - We know from our MSSP partners that their customers are increasingly asking them for insight into the dark web. - [Five Takeaways From the NCSC’s Annual Review](https://slcyber.io/blog/five-takeaways-from-the-ncscs-annual-review/) - Our five highlights from the NCSC yearly roundup. - [Who Defends the Defenders on the Dark Web?](https://slcyber.io/blog/who-defends-the-defenders-on-the-dark-web/) - With the release of the new Stealth Browser, Dave Osler, Head of Product at Searchlight Cyber looks at what this means for analysts and investigators as they carry out research on the dark web. - [A New Look and Feel for Searchlight Cyber](https://slcyber.io/blog/a-new-look-and-feel-for-searchlight-cyber/) - We are excited to announce that we are capping off our year with a rebrand to Searchlight Cyber. ## Pages - [Home](https://slcyber.io/) - Outpace attackers with high signal and low noise Attack Surface Management and Digital Risk Protection tools to help defenders stay ahead of external threats. - [Stealth Browser - your dark web virtual machine](https://slcyber.io/products/cerberus/stealth-browser-your-dark-web-virtual-machine/) - Mask your identity & protect your network from malware with our virtual machine. Anonymously investigate dark web forums & more with our stealth browser. - [Enterprise and MSSPs](https://slcyber.io/enterprise-and-mssps/) - Smarter dark web monitoring and investigation tools. Your team deserves better. Join the security teams that rely on Searchlight to stop dark web threats. - [PDF Download Page (Protect your extended attack surface)](https://slcyber.io/pdf-download-assetnote-continuous-asset-discovery/) - Download the Assetnote Continuous Asset Discovery brochure to map attack surfaces, detect vulnerabilities, and gain real-time visibility across your digital assets. - [PDF Download Page (DarkIQ for Law Enforcement)](https://slcyber.io/pdf-download-darkiq-for-law-enforcement/) - Download the DarkIQ brochure for law enforcement. Monitor dark web threats and safeguard your team. Get your PDF now. - [PDF Download Page (DarkIQ for Enterprise)](https://slcyber.io/pdf-download-darkiq-for-enterprise/) - Download the DarkIQ for Enterprise datasheet to access preemptive dark web threat monitoring. Get your PDF now. - [PDF Download Page (Assetnote for Government)](https://slcyber.io/pdf-download-assetnote-for-government/) - Download the Assetnote for Government brochure and discover ASM tools that protect critical infrastructure. Click to get your PDF now. - [Thank You](https://slcyber.io/thank-you/) - Thank you for scheduling your Searchlight Cyber demo! Check your email for confirmation and details, then explore our blog for top cybersecurity insights. - [PDF Download Page (DarkIQ for MSSPs)](https://slcyber.io/pdf-download-darkiq-for-mssps/) - Download the DarkIQ for MSSPs brochure and discover proactive dark web monitoring. Get your datasheet now. - [PDF Download Page (Assetnote for Law Enforcement)](https://slcyber.io/pdf-download-assetnote-for-law-enforcement/) - Download the Assetnote for Law Enforcement brochure to monitor attack surfaces, detect vulnerabilities, and stay ahead of cyber threats in real time. - [PDF Download Page (Assetnote for Enterprise)](https://slcyber.io/pdf-download-assetnote-for-enterprise/) - Explore Enterprise ASM that just works. Download the Assetnote datasheet from Searchlight Cyber now. - [PDF Download Page (Assetnote for MSSPs)](https://slcyber.io/pdf-download-assetnote-for-mssps/) - Download the Assetnote for MSSPs datasheet from Searchlight Cyber for the Attack Surface Management your clients deserve. Get your copy now. - [PDF Download Page (DarkIQ for Government)](https://slcyber.io/pdf-download-darkiq-for-government/) - Download the DarkIQ brochure to learn how government agencies can monitor the dark web for threats. Get your datasheet now. - [Leadership Team](https://slcyber.io/leadership-team/) - Searchlight Cyber's leadership team is committed to stop bad actors and help defenders stay ahead of external threats. - [Products - Unified ASM and dark web intelligence  ](https://slcyber.io/products/) - Gain complete visibility into hidden assets and emerging threats with Searchlight’s unified Attack Surface Management (ASM) and dark web intelligence, so you can shift from reactive response to preemptive defense. - [PDF Download Page (Protect your extended attack surface)](https://slcyber.io/protect-your-extended-attack-surface/) - Legacy vulnerability management wasn't built for the modern attack surface. Download the datasheet to see how Searchlight gives security teams a single view across unmanaged infrastructure, subdomains, and dark web intelligence – so you act on what's exploitable, not just what's visible. - [About Searchlight Cyber - Searchlight Cyber's Story](https://slcyber.io/about-searchlight-cyber/) - Our mission is simple: Stop bad actors & help defenders stay ahead of external threats. Learn more about Searchlight, our founders, & the companies we serve. - [Why security professionals trust Searchlight Cyber](https://slcyber.io/why-searchlight-cyber/) - Trusted by leading organizations like Afterpay, Qantas, and Twilio we provide complete visibility across your organization's immediate and extended attack surface - giving you back the first-mover advantage. - [Uncover hidden dark web threats with Cerberus](https://slcyber.io/products/cerberus/) - Equip your team with the world’s most powerful dark web investigations platform. Securely track current and emerging threats on the clear, deep, and dark web with access to +475 billion recaptured data points. - [Instantly Quantify Cyber Risk with Intangic, A Searchlight Cyber company](https://slcyber.io/products/intangic-cyber-risk-quantification/) - The fastest way to accurately price cyber risk grounded in real-world attacker data. Unlock access to peer benchmarking and 7+ years of breach data. - [Attack Surface Management Tool | Searchlight Cyber](https://slcyber.io/products/attack-surface-management-tool/) - The only ASM that scans your entire attack surface – hourly. Unlock market-leading discovery, enrichment, and vulnerability research for your company today. - [Stop attacks earlier with DarkIQ's preemptive monitoring](https://slcyber.io/products/darkiq/) - Take action before criminals hit your network. Monitor for pre-attack indicators such as leaked credentials, phishing infrastructure, and dark web chatter. - [Dark Web Hub](https://slcyber.io/dark-web-hub/) - The Dark Web Hub is an online resource for those investigating the dark web. Access a knowledge base on dark web marketplaces, forums, leak sites, and more. - [Privacy Policy](https://slcyber.io/privacy-policy/) - The purpose of this document is to ensure that data subjects (individuals) are adequately informed about the collection and use of their personal data by Searchlight in its capacity as a Data Controller. - [Technology partnerships - Pre-attack intelligence | Searchlight Cyber](https://slcyber.io/partners/technology-partnerships/) - Defend society from cyber threats as a trusted partner. Help organizations proactively discover, monitor, and secure their entire digital attack surface with Searchlight Cyber. - [Ransomware Search and Insights: Ransomware intelligence dark web tracking tool](https://slcyber.io/products/cerberus/ransomware-intelligence/) - Effortlessly track ransomware groups and actors on the dark web with our ransomware threat intelligence tool - [Government](https://slcyber.io/government-agencies/) - Combined attack surface management and dark web intelligence to give government defenders the operational advantage over threat actors and criminal groups. - [Financial Services - Dark web monitoring for finance companies](https://slcyber.io/financial-services-industry-dark-web-intelligence-for-the-financial-services-sector/) - Be the first to know when cybercriminals are targeting your financial services company with dark web monitoring & intelligence for fraud teams. Learn more. - [Law Enforcement](https://slcyber.io/law-enforcement/) - Dark web investigation tools for law enforcement - [Pre-attack intelligence for MSSPs | Searchlight Cyber](https://slcyber.io/partners/pre-attack-intelligence-for-mssps/) - The security your clients deserve. Hourly ASM and dark web intelligence built for MSSPs to pre-empt threats and strengthen your services. - [[NEW] Integration page - Searchlight platform integrations and API | Searchlight Cyber](https://slcyber.io/products/integrations-and-api/) - Enrich your event & log data with custom ASM alerts & dark web intelligence, all in your existing security solutions via our flexible REST API & integrations. - [Dark Web Monitoring for Your Supply Chain](https://slcyber.io/products/darkiq/supply-chain-security/) - Stay secure (even when your supply chain isn’t). Our automated Supply Chain Security solution monitors threats against your suppliers on the dark web, so you can proactively take action and minimize risk. - [Phishing Site Detection and Takedown Services](https://slcyber.io/products/darkiq/phishing-detection-and-takedown-services/) - Automatically detect phishing sites across all major domains targeting your brand or customers and remove them with our integrated takedown service. - [Dark Web Traffic Monitoring](https://slcyber.io/products/darkiq/dark-web-traffic-monitoring/) - View live and historical Tor traffic to and from your network, so your organization can defend against malware installation, insider threats, and data theft. - [Dark Web Academy - dark web training from Searchlight Cyber](https://slcyber.io/products/dark-web-training/) - Gain the dark web know-how and technical skills you need to identify threats and pursue cybercriminals on the dark web using Cerberus. This hands-on dark web training is for investigators, analysts, and intelligence officers who want to enhance their skills and confidence in conducting dark web investigations. - [Child Protection Investigation Tools for the Dark Web](https://slcyber.io/products/cerberus/child-protection-investigation-tools-for-the-dark-web/) - Built for law enforcement; Intuitive Child Protection Investigation dashboard with dark web image & forum search. Identify active & emerging forums and actors. - [Marketplace Search and Insights](https://slcyber.io/products/cerberus/marketplace-intelligence/) - Unlock access to aggregated intelligence on the most active dark web markets and vendors - making it easier to focus on local or mission-specific threats. - [Searchlight AI Agent: Reclaim your mission time](https://slcyber.io/products/cerberus/ai-agent/) - Cut out the manual work and reclaim valuable cyber investigation time across the dark web, deep web, and clear web with the Searchlight AI Agent. - [Security Research & Zero-Day Insights | ASM - Searchlight Cyber](https://slcyber.io/products/attack-surface-management-tool/security-research/) - Proactive ASM research, built in as standard. Stay ahead of threats to your attack surface with Assetnote’s integrated offensive security insights and alerts. - [High-signal Exposure Engine | ASM - Searchlight Cyber](https://slcyber.io/products/attack-surface-management-tool/exposure-engine/) - Discover Searchlight Cyber’s High-Signal Exposure Engine. Enhance attack surface management, reduce noise, and identify real cyber threats with precision - [Automated Asset Enrichment | ASM - Searchlight Cyber](https://slcyber.io/products/attack-surface-management-tool/automated-asset-enrichment/) - Assetnote doesn’t just find your client-side and server-side assets - it continuously enriches them with business context so you can make decisions faster. - [Hourly Asset Discovery | ASM - Searchlight Cyber](https://slcyber.io/products/attack-surface-management-tool/asset-discovery/) - Threats evolve by the hour, not by the day. Assetnote’s Attack Surface Management tool scans hourly to give real-time visibility into your attack surface. - [Searchlight Reseller Program | Searchlight Cyber](https://slcyber.io/partners/reseller-var-program/) - Expand your reseller portfolio. Unlock new revenue opportunities. Offer leading pre-attack ASM and dark web intelligence cyber solutions. - [Partner Program – ASM and dark web intelligence | Searchlight Cyber](https://slcyber.io/partner-program/) - Best-in-breed ASM and dark web intelligence to protect clients and grow your business. - [Beacon Cybersecurity Newsletter: The weekly cyber round-up trusted by security teams](https://slcyber.io/beacon/) - Beacon Cybersecurity newsletter - Get the latest Cybersecurity news, insights, and intelligence straight to your inbox - [EULA](https://slcyber.io/eula/) - Read the Searchlight Cyber End User License Agreement outlining terms of use, licensing, and legal guidelines for our cybersecurity solutions. - [[Demo] #2 - Two-Column - Monitoring demo page - Book your demo](https://slcyber.io/book-your-demo-dark-web-monitoring-ub/) - Discover how dark web monitoring can help you identify cyber threats earlier– before they impact your business. Automatic monitoring. Prioritized alerts. Dark web traffic monitoring. No-install platform. - [[Demo] Book your Attack Surface Management demo](https://slcyber.io/book-a-demo/attack-surface-management-demo/) - See how Assetnote attack surface management can uncover hidden assets and subdomains before attackers exploit them. Book your demo and elevate your security. - [PDF Download Page (Cerberus for MSSPs)](https://slcyber.io/pdf-download-cerberus-for-mssps/) - Download the Cerberus for MSSPs PDF to see how Searchlight Cyber empowers managed security providers with dark web intelligence and threat monitoring tools. - [PDF Download Page (Cerberus for Law Enforcement)](https://slcyber.io/pdf-download-cerberus-for-law-enforcement/) - Download the Cerberus for Law Enforcement PDF to discover how Searchlight Cyber helps agencies investigate dark web activity and combat cybercrime effectively. - [PDF Download Page (Cerberus for Government)](https://slcyber.io/pdf-download-cerberus-for-government/) - Download the Cerberus for Government PDF to learn how Searchlight Cyber supports public sector agencies in monitoring dark web threats and enhancing cyber defense. - [PDF Download Page (Cerberus for Enterprise)](https://slcyber.io/pdf-download-cerberus-for-enterprise/) - Download the Cerberus for Enterprise PDF to see how Searchlight Cyber helps large organizations monitor the dark web and mitigate cyber threats proactively. - [PDF Download Page (ASM in the age of CTEM - ebook)](https://slcyber.io/pdf-download-asm-in-the-age-of-ctem-ebook/) - https://slcyber.io/pdf-download-asm-in-the-age-of-ctem-ebook/ - [[Demo - draft] Book your demo - Ad Group 1 - CTEM Platform - Hire Services - BlueFig](https://slcyber.io/book-a-demo/ctem/) - Why Assetnote for your CTEM program? Legacy ASM tools surface noise. We deliver hourly scanning, integrated 0-day research, and verified POCs for every finding. - [Black Hat 2025 Book a Meeting](https://slcyber.io/blackhat-book-a-meeting-2025/) - Join us at Black Hat USA 2025! Take the opportunity to discover how you can outpace attackers with complete visibility into external threats. - [Contact](https://slcyber.io/contact/) - Questions about Seachlight's vulnerability research, dark web threat intelligence, or our products? Schedule a meeting with one of our cybersecurity experts. - [[Demo] Book your demo](https://slcyber.io/book-a-demo/) - "We were blown away by the robustness of the platform" - Book your demo to see our unrivalled ASM, dark web monitoring, and investigation platform today. - [[Demo] Two-Column - Enterprise Dark Web Monitoring demo page - Book your demo](https://slcyber.io/book-a-demo/enterprise-dark-web-monitoring/) - Discover how enterprise dark web monitoring can help you identify cyber threats earlier– before they impact your business. Automatic monitoring. Prioritized alerts. Dark web traffic monitoring. No-install platform. - [[Demo] Two-Column - Dark Web Monitoring Platform demo page - Book your demo](https://slcyber.io/book-a-demo/dark-web-monitoring-platform/) - Discover how dark web monitoring platform can help you identify cyber threats earlier– before they impact your business. Automatic monitoring. Prioritized alerts. Dark web traffic monitoring. No-install platform. - [[Demo] Two-Column - Dark Web Monitoring for Business demo page - Book your demo](https://slcyber.io/book-a-demo/dark-web-monitoring-for-businesses/) - Discover how dark web monitoring for businesses can help you identify cyber threats earlier– before they impact your business. Automatic monitoring. Prioritized alerts. Dark web traffic monitoring. No-install platform. - [[Demo] #4 - Two-Column - Ransomware demo page - Book your demo](https://slcyber.io/book-a-demo/dark-web-ransomware-insights/) - Detect and protect against ransomware attacks. Get access to continuously updated dark web ransomware intelligence - helping you defend your business against ransomware attacks from a single dashboard. - [[Demo] #3 - Two-Column - Supply chain demo - Book your demo](https://slcyber.io/book-a-demo/supply-chain-security/) - Keep your business secure, even when your supply chain isn't, with dark web monitoring for your supply chain. Spot attacks earlier. Monitor suppliers through one dashboard. Easy-to-deploy, no-install dark web monitoring platform. - [[Demo] #2 - Two-Column - Monitoring demo page - Book your demo](https://slcyber.io/book-a-demo/dark-web-monitoring/) - Discover how dark web monitoring can help you identify cyber threats earlier– before they impact your business. Automatic monitoring. Prioritized alerts. Dark web traffic monitoring. No-install platform. - [Datasheets](https://slcyber.io/datasheets123/) - Learn how Searchlight Cyber’s Attack Surface Management and dark web investigation platforms help defend against ransomware and prevent cyber incidents earlier. - [Law enforcement competitor](https://slcyber.io/law-enforcement-and-government/) - Better dark web investigation tools. Join the law enforcement & government teams that rely on Searchlight for the advantage in combating dark web crime. - [Thank You - ASM](https://slcyber.io/thank-you-asm/) - [Careers](https://slcyber.io/careers/) - Join the Searchlight Cyber team. We’re on the lookout for talented people that have a passion for cybersecurity. - [RSA 2025 Book a Meeting](https://slcyber.io/rsa-2025-book-a-meeting/) - Request a meeting with the Searchlight Cyber executive team during RSA. See you there! - [test page](https://slcyber.io/test-page/) - [Careers Old](https://slcyber.io/careers-old/) - Join the Searchlight Cyber team. We’re on the lookout for talented people that have a passion for cybersecurity. - [Ransomware Spotlight](https://slcyber.io/ransomware-spotlight/) - Stay ahead of the latest ransomware groups and trends. Register now for Searchlight Cyber's regular email bulletins and receive critical updates from our TI team on the most dangerous groups and trends. - [Energy Industry - Dark Web Monitoring for Energy and ONG companies](https://slcyber.io/oil-and-gas-industry-dark-web-intelligence-for-ong-companies/) - Stay ahead of cybercriminals, ransomware groups & nation-state attacks targeting energy companies with actionable dark web intelligence. Find out more. - [(Version A) Dark web monitoring for your organization | Searchlight Cyber](https://slcyber.io/dark-web-monitoring-platform/) - Automatically monitor the dark web for external threats and get actionable dark web alerts to spot the earliest warning signs of an attack. - [template finder](https://slcyber.io/template-finder/) - [The Practitioner’s Guide to The Dark Web](https://slcyber.io/the-practitioners-guide-to-the-dark-web/) - The Practitioner’s Guide to the Dark Web takes the reader on a tour of the areas of the dark web to educate on what lies within. - [Podcasts](https://slcyber.io/podcasts/) - [Dark Web Risk Report - Find out your dark web exposure | Searchlight Cyber](https://slcyber.io/dark-web-risk-report-find-out-your-dark-web-exposure/) - Get your free Dark Web Risk Report. Find out if your company’s details are exposed on the dark web. See your likelihood of a cyber incident in the next 12 months. - [Sales Portal Login](https://slcyber.io/sales-portal-login/) - [RSA 2024 Book a Meeting](https://slcyber.io/rsa-2024-book-a-meeting/) - Schedule a meeting with a dark web expert ahead of RSA 2024 to discover how dark web intelligence can protect against cyberattacks. - [Dark Web Hub Podcasts](https://slcyber.io/dark-web-hub-podcasts/) - The Dark Dive podcast demystifies the dark web - arming you with everything you need to know about what the dark web is and how it is used. - [Dark Web Hub Videos](https://slcyber.io/dark-web-hub-videos/) - Our Dark Web Explained video series covers aspects of the dark web including how it works, how ransomware groups use it, and how security teams can strike back. - [Whitepapers & Reports](https://slcyber.io/whitepapers-reports/) - Discover the latest dark web intelligence reports and research. Learn how monitoring the dark web can protect your organization from costly security incidents and empower threat hunters and cybercrime investigators to see what criminals don't want them to see. - [Videos](https://slcyber.io/videos/) - Our bite-sized cybersecurity videos on the dark web cover everything you need to know, from the criminal activities you'll find on the dark web to the challenges and opportunities it presents for law enforcement and enterprise security teams. - [Webinars](https://slcyber.io/webinars/) - Explore our cybersecurity webinars, covering the latest dark web research on ransomware groups and cyber threats, with cybersecurity best practices for cyber investigators and analysts. - [Case Studies](https://slcyber.io/case-studies/) - Explore our cyber threat intelligence case studies to learn how cybersecurity teams are already leveraging dark web intelligence to identify cyberattacks earlier and accelerate their investigations. Discover real-world examples that can inspire and enhance your organization's cybersecurity approach. - [FAQs](https://slcyber.io/faqs/) - If you have a question about Searchlight Cyber, our services, or our products, please see our FAQ page. Alternatively, contact our team for more information. - [Cybersecurity Awareness Month Giveaway](https://slcyber.io/cybersecurity-awareness-month-giveaway/) - Find out more about how the dark web impacts your organization this Cybersecurity Awareness Month. - [MSSPs](https://slcyber.io/partners/mssps/) - Built for MSSPs. Add dark web monitoring and investigation to your services to protect your customers from threats that emanate from the deep and dark web. - [Press](https://slcyber.io/press/) - The latest dark web and cybersecurity news from Searchlight Cyber, including updates on products, research, partners, and customers. - [News](https://slcyber.io/news/) - The biggest news and intelligence from the dark web, straight from the Searchlight Cyber team. - [Events](https://slcyber.io/events/) - Join us at events around the world to meet our dark web experts and see Searchlight Cyber in action. - [Glossary](https://slcyber.io/glossary/) ## Webinars - [[On-demand] Spotting Insider Threats on the Dark Web](https://slcyber.io/webinars/spotting-insider-threats-on-the-dark-web/) - Learn why more organizations need to search outside their perimeter to detect insider threats - namely on the dark web where criminals believe they can act with impunity. - [Cyberattacks and retaining customer loyalty - the hidden cost no one is talking about](https://slcyber.io/webinars/cyberattacks-and-retaining-customer-loyalty-the-hidden-cost-no-one-is-talking-about/) - The cost of a cyber incident doesn’t necessarily end once service has been restored. As we'll demonstrate with real-life examples, the erosion of customer trust can create a long-lasting impact on your bottom line and is a hidden cost that cyber and insurance teams consistently fail to factor in. - [The Ransomware Report H2 2025: Why the drop in victims isn’t a win](https://slcyber.io/webinars/the-ransomware-report-h2-2025-why-the-drop-in-victims-isnt-a-win/) - Fewer victims in H2 2025 might look like progress – but year-over-year totals were still up 30%. Join us to discover the top 5 groups of H2 and how your organization can remain vigilant against ransomware threats. - [How dark web intelligence powers preemptive threat exposure management](https://slcyber.io/webinars/how-dark-web-intelligence-powers-preemptive-threat-exposure-management/) - If your Preemptive Threat Exposure Management (PTEM) strategy doesn’t include dark web intelligence, you’re reacting to exposures that attackers already know about. Dark web intelligence, coupled with a mature ASM program, helps you get ahead of threats. In this webinar, Searchlight Cyber will present alongside our partner, Calian, to demonstrate how MSSPs and security teams - [Legacy vs modern Attack Surface Management: What is true ASM?](https://slcyber.io/webinars/what-is-true-attack-surface-management-asm/) - Ethical hackers Michael Gianarakis and Shubham Shah reveal why network perimeter security is no longer enough. As companies increasingly adopt cloud tools and shadow architecture expanding attack surfaces, organizations face rising threats like phishing, leaked credentials, and ransomware. - [[On-demand] The 12 Days of Dark Web FAQ: A mini webinar series](https://slcyber.io/webinars/upcoming-the-12-days-of-dark-web-faq/) - A bite-sized webinar series answering your top dark web questions - how it works, how ransomware groups thrive, and why law enforcement can’t just shut it down. - [Test Your Attack Surface: Security Tools to Validate Exposures](https://slcyber.io/webinars/beyond-the-alert-security-tools-to-validate-exposures/) - Join our hands‑on webinar to validate scanner alerts, detect subdomain takeovers, & uncover SSRF targets. Live demos+200 free credits redeemed during this security tools session. - [Ransomware: Preparing for the inevitable with Dr. Mike Saylor](https://slcyber.io/webinars/ransomware-preparing-for-the-inevitable-with-dr-mike-saylor/) - Learn how ransomware targets large organizations, and how attack surface management & dark web monitoring can help prevent attacks, with Dr. Saylor and Searchlight CEO, Ben Jones. - [Discover the benefits of Searchlight Cyber's Partner Program](https://slcyber.io/webinars/discover-the-benefits-of-searchlight-cybers-partner-program/) - Join Searchlight Cyber as we explore partnership opportunities for MSSPs and VARs looking to stay ahead in dark web intelligence and Continuous Threat Exposure Management (CTEM). Learn how we can work together to meet growing customer demands and drive business growth. - [How to measure the ROI of your Attack Surface Program (ASM)](https://slcyber.io/webinars/how-to-measure-the-roi-of-your-attack-surface-program-asm/) - Learn how to measure your ASM program's success using data-driven metrics and benchmarks, so you can show leadership the ROI of ASM and your team's achievements - [Where is cybercrime coming from in 2025?](https://slcyber.io/webinars/where-is-cybercrime-coming-from-in-2025/) - Join Caleb Barlow, CEO of Cyberbit and former IBM X-Force leader, to discover why cybercrime continues to grow - and what security teams can do to fight back. - [Surfacing Security (series one) - Attack Surface Management (ASM) and beyond](https://slcyber.io/webinars/surfacing-security-attack-surface-management-and-beyond/) - Explore the evolving discipline of Attack Surface Management (ASM) and its role in modern cybersecurity. This series explores why traditional network perimeter security is no longer enough to defend against today’s threats. - [Beyond ASM: What CTEM means for your external risk strategy](https://slcyber.io/webinars/upcoming-beyond-asm-what-ctem-means-for-your-external-risk-strategy/) - Go beyond the buzzwords and learn what CTEM really is and how it aligns with our definition of ‘true ASM” required to keep pace with a constantly evolving threat landscape. - [The Ransomware Report H1 2025: Trends, Groups & Insights](https://slcyber.io/webinars/ransomware-report-h1-2025-trends-groups-insights/) - In this webinar, we analyze the concerning development of ransomware groups creating their own zero-day exploits, underscoring the increasing importance of proactive security measures. - [[On Demand] Correlating cybersecurity risk and dark web exposure with Marsh McLennan](https://slcyber.io/webinars/correlating-cybersecurity-risk-and-dark-web-exposure-with-marsh-mclennan/) - In this webinar, we explore the official findings of Marsh McLennan's latest research on the correlation between dark web exposure and cybersecurity risk. Learn how dark web findings correlate with the increased likelihood of a breach. - [Christmas in July - Critical vulnerabilities unwrapped](https://slcyber.io/webinars/christmas-in-july-critical-vulnerabilities-unwrapped/) - Nobody wants a zero-day disclosure just before Christmas! That’s why throughout July, Searchlight will publish a series of vulnerabilities - from pre-auth command executions to flaws affecting widely deployed enterprise web properties. - [[On demand] Unlocking the Value of Dark Web Intelligence for MSSPs](https://slcyber.io/webinars/on-demand-unlocking-the-value-of-dark-web-intelligence-for-mssps/) - Customers are increasingly asking MSSPs for visibility into the dark web. In this talk, we explain how monitoring this hidden part of the internet can help MSSPs assure their customers and add value to their current offering. - [[On-demand] How Can SOC Analysts Spot Threats Earlier with Dark Web Monitoring?](https://slcyber.io/webinars/how-can-soc-analysts-spot-threats-earlier-with-dark-web-monitoring/) - Watch the webinar to find out everything from preventing phishing attacks, detecting malware call outs to investigating dark web ransomware threats using dark web monitoring. - [[On-Demand] Criminality on the dark web in 2024: Drugs, Fraud, and Trafficking](https://slcyber.io/webinars/criminality-on-the-dark-web-in-2024-drugs-fraud-and-trafficking/) - Despite law enforcement advances, criminals on the dark web continually evolve to avoid detection, making it a challenging environment for investigators in 2024. In this webinar, our threat intelligence team show real-world examples and live demonstrations to illustrate how agencies can investigate and unmask these high-risk criminal actors. - [[On demand] The Ransomware Report 2025: Dark Web Trends, Groups & Insights](https://slcyber.io/webinars/the-ransomware-report-2025-dark-web-trends-groups-insights/) - In this webinar, you’ll find out which ransomware groups are most prolific, the emerging groups to watch, and the tactics to lookout for in 2025. - [[On-demand] Dark Web Threats Against The Finance Sector](https://slcyber.io/webinars/dark-web-threats-against-the-finance-sector/) - Exclusive intel on the dark web threats facing the finance sector from the dark web: from Initial Access Brokers to insider threats, to supply chain attacks. - [[On-Demand] Initial Access Brokers and Infostealers: Your Business for Sale on the Dark Web](https://slcyber.io/webinars/initial-access-brokers-and-infostealers-your-business-for-sale-on-the-dark-web/) - Join the webinar to learn how to identify Infostealers and Initial Access Brokers selling access into your organization’s critical infrastructure on the dark web. - [[On-demand] Ransomware in 2024: Dark Web Trends, Groups & Insights](https://slcyber.io/webinars/ransomware-in-2024-dark-web-trends-insights/) - Gain exclusive insights into the latest ransomware trends on the dark web, including the most prolific actors of 2023, patterns we observed in their activity, and new threats that are emerging as the ransomware ecosystem grows and changes. - [[On-demand]The changing landscape of dark web forums and marketplaces](https://slcyber.io/webinars/the-changing-landscape-of-dark-web-forums-and-marketplaces/) - Discover the changing criminal landscape on dark web forums, marketplaces, and messaging apps such as Telegram - revealing the latest cyberattack techniques, malware strains, and social engineering attacks you need to be aware of. We'll also explore how traditional crime gangs are increasingly moving their operations to dark web forums. - [[On-demand] CTI explained - How to elevate cyber threat intelligence in your organization](https://slcyber.io/webinars/how-to-elevate-cyber-threat-intelligence-in-your-organization/) - Watch now to learn the responsibilities of a modern cyber threat intelligence team (CTI), how to elevate the use of threat intelligence in your security team, and the questions you must ask when selecting a cybersecurity partner. - [[On demand] Gaining Visibility of the Entire Ransomware Kill Chain - Dark Reading](https://slcyber.io/webinars/gaining-visibility-of-the-entire-ransomware-kill-chain/) - Ever wondered what happens before and after a ransomware attack on your network? Watch our exclusive webinar with Dark Reading to discover the full picture with insights from the dark web. - [[On demand] Ransomware in H1 2024 - Dark Web Trends, Groups & Insights](https://slcyber.io/webinars/ransomware-in-h1-2024-dark-web-trends-groups-insights/) - In this webinar, we explore the evolving threat landscape in the first half of 2024, including an analysis of dark web data and the emergence of new ransomware groups in the wake of the disruption of Lockbit. - [[On Demand] How to identify criminals talking about your business on the dark web](https://slcyber.io/webinars/how-to-identify-criminals-talking-about-your-business-on-the-dark-web/) - Learn how to detect dark web threats targeting your business. Join our webinar to explore practical tools and strategies for identifying cybercriminal activity. - [[On-Demand] Policing Tor's hidden services and dark markets in Europe (Arina X Searchlight Cyber)](https://slcyber.io/webinars/policing-tors-hidden-services-and-dark-markets-in-europe/) - Explore cutting-edge dark web evidence collection methods and investigation techniques crucial for cyber and criminal investigations and hear directly from an officer who uses Searchlight. - [[On Demand] Dark web intelligence for MSSPs - From SOC to Incident Response](https://slcyber.io/webinars/dark-web-intelligence-for-mssps-from-soc-to-incident-response/) - In this webinar, we present three live demonstrations showing how SOC, incident response, and threat-hunting teams can use dark web monitoring and investigation in Searchlight to enhance the services your MSSP offers its clients. - [[On demand] Next Generation Supply Chain Security - Dark Reading](https://slcyber.io/webinars/next-generation-supply-chain-security/) - In this webinar, experts discuss the risks and threats to supply chain security and how enterprises need to shift their strategies to incorporate those challenges. - [[On-demand] An Insider’s Guide to Digital Forensics and Incident Response (DFIR)](https://slcyber.io/webinars/insiders-guide-to-digital-forensics-and-incident-response-dfir/) - Join us for an interview with NCCGroup’s Global Head of Digital Forensics and Incident Response, to learn about the pivotal role Digital Forensics and Incident Response (DFIR) plays in safeguarding digital assets and enhancing cybersecurity defences. - [[On-demand] How LEA, government, and enterprises gather evidence from the dark web](https://slcyber.io/webinars/defeating-the-dark-web-how-lea-government-and-enterprises-gather-evidence-from-the-dark-web/) - Discover detailed strategies for gathering critical evidence from the dark web, aiming to disrupt criminal operations and improve cybersecurity measures. - [[On demand] Ransomware Spotlight on Everest Group: Unveiling the latest dark web ransomware trends](https://slcyber.io/webinars/ransomware-spotlight-on-everest-group-unveiling-the-latest-dark-web-ransomware-trends/) - If you haven’t heard about the Everest ransomware group, chances are you’ve read about their recent attacks on organizations including AT&T and NASA. Join us for an exclusive look into the dark web presence of the Everest Group. - [[On Demand] Ransomware in 2023: Dark Web Trends & Insights](https://slcyber.io/webinars/ransomware-in-2023-dark-web-trends-insights/) - Learn about the emerging ransomware trends in 2023, with unprecedented insight into ransomware groups' leak sites, communications, and actions on the dark web. - [[On demand] Defeating the dark web: Policing Tor's hidden services and dark markets](https://slcyber.io/webinars/defeating-the-dark-web-policing-tors-hidden-services-and-dark-markets/) - Policing the dark web: This webinar brings to life the latest updates to evidence collection methods, countermeasures, and Tor investigation techniques. - [[On Demand] Threat Modeling for the Energy Industry - Using Dark Web Intelligence to Get Ahead of Cybercriminals](https://slcyber.io/webinars/threat-modeling-for-the-energy-industry-using-dark-web-intelligence-to-get-ahead-of-cybercriminals/) - Featuring real-life case studies of dark web threats against energy companies, and actionable advice on how to use dark web intelligence to build threat models and strengthen your company's cyber posture. - [[On Demand] Unlock New Revenue Streams with Dark Web Intelligence: A guide for MSSPs, MSPs, and VARs](https://slcyber.io/webinars/unlock-new-revenue-streams-with-dark-web-intelligence-a-guide-for-mssps-msps-and-vars/) - In this webinar, MSSPs will gain practical advice on how they can boost their revenue by quickly and scalably adding dark web intelligence to their services. - [[On Demand] How top CISOs are leveraging the dark web to gather pre-attack intelligence](https://slcyber.io/webinars/how-top-cisos-are-leveraging-the-dark-web-to-gather-pre-attack-intelligence/) - What is the modern-day CISO prioritizing? Searchlight Cyber's CTO Dr. Gareth Owenson joins an expert panel to discuss the increasing interest in dark web monitoring, as CISOs try to identify cybercriminals earlier in the Cyber Kill Chain. - [[On Demand] Security Synopsis: Secrets of the Dark Web with Node4](https://slcyber.io/webinars/security-synopsis-secrets-of-the-dark-web-with-node4/) - Andy Bates, Node4’s Security Practice Director welcomed Searchlight Cyber's Sales Lead, Andy Scutt, to discuss the secrets of the dark web. ## Whitepapers & Reports - [Ransomware Spotlight: Vice Society's Dark Web Footprint](https://slcyber.io/whitepapers-reports/ransomware-spotlight-vice-societys-dark-web-footprint/) - In this report, Searchlight Cyber analysts have identified a pattern of activity that they assess to be A precursor to vice society ransomware attacks - [Preemptive Visibility: A Breakthrough in Cyber Risk Management](https://slcyber.io/whitepapers-reports/preemptive-visibility-cyber-risk-management/) - How to Predict Breaches Before they Happen and Transition your Security Posture from Reactive Defense to Pre-emptive Cyber Risk Management - [Combating Initial Access Brokers | Mitigation Guide](https://slcyber.io/whitepapers-reports/combating-initial-access-brokers-with-dark-web-intelligence/) - Download the free mitigation guide for 5 ways to combat Initial Access Brokers targeting your organization. - [Ransomware's Record Year: Tracking a Volatile Landscape in H2 2025](https://slcyber.io/whitepapers-reports/the-ransomware-landscape-in-h2-2025/) - Searchlight Cyber Report: Ransomware Groups Claimed Record Number of Victims in 2025, while the Number of Ransomware Groups Reached All-Time Highs - [Hotels: Calculating Cyber Financial Risk](https://slcyber.io/whitepapers-reports/hotels-calculating-cyber-financial-risk/) - The hidden cost in your cyber financial risk calculations: customer loyalty - [The Essential Buyer’s Guide To Attack Surface Management (ASM)](https://slcyber.io/whitepapers-reports/the-essential-buyers-guide-to-asm/) - Discover the questions every cyber leader should ask when selecting an ASM vendor - from proving ROI to identifying the partner that aligns with your strategy. - [An Escalation in Attacks: The Ransomware Landscape in H1 2025](https://slcyber.io/whitepapers-reports/an-escalation-in-attacks-the-ransomware-landscape-in-h1-2025/) - An increase in ransomware victims & groups: Read the report for profiles on the most prolific groups, trends for 2026, & actionable advice for business leaders. - [The Correlation Between Dark Web Exposure and Cybersecurity Risk](https://slcyber.io/whitepapers-reports/the-correlation-between-dark-web-exposure-and-cybersecurity-risk/) - Download the landmark report from Searchlight Cyber and Marsh McLennan to understand the link between dark web exposure and cybersecurity risk. - [Ransomware in H1 2024: Trends from the Dark Web](https://slcyber.io/whitepapers-reports/ransomware-in-h1-2024-trends-from-the-dark-web/) - An update on the most prolific ransomware groups on the dark web, and the emerging threat of new ransomware groups looking to make their mark - [More Groups, More Problems: Ransomware in 2023](https://slcyber.io/whitepapers-reports/ransomware-in-2023/) - More Groups, More Problems: Ransomware in 2023 covers the most prolific ransomware groups last year, changing tactics, and the ransom operations watch in 2024. - [Combating Insider Threat With Dark Web Intelligence | Mitigation guide](https://slcyber.io/whitepapers-reports/combating-insider-threat-with-dark-web-intelligence-mitigation-guide/) - Five ways you can spot an insider threat outside of your network, featuring real-life examples and effective strategies for combating the growing risk of insider threats. - [Combating Cyberattack Techniques with Dark Web Traffic Monitoring | Mitigation Guide](https://slcyber.io/whitepapers-reports/combating-cyberattack-techniques-with-dark-web-traffic-monitoring-mitigation-guide/) - This Mitigation Guide provides five examples of tactics from the MITRE ATT&CK Enterprise Matrix that can be identified through dark web traffic monitoring - [The USA From a Cybercriminal's Perspective](https://slcyber.io/whitepapers-reports/the-usa-from-a-cybercriminals-perspective/) - Organizations and individuals in the USA are targeted by cybercriminals on dark web forums, markets, and on communication channels like Telegram. - [The UK From a Cybercriminal's Perspective](https://slcyber.io/whitepapers-reports/the-uk-from-a-cybercriminals-perspective/) - This threat intelligence report looks at how UK organizations are targeted on dark web forums, marketplaces, and on communication channels like Telegram. - [Dark Web Threats Against The Banking Sector](https://slcyber.io/whitepapers-reports/dark-web-threats-against-the-banking-sector/) - The report uses Searchlight Cyber's proprietary intelligence to demonstrate how banks are targeted by cyber criminals on the dark web and explains how banks can use this information to improve their cyber defense. - [Dark Web Threats Against The Energy Industry: Building A Threat Model For Energy Companies](https://slcyber.io/whitepapers-reports/dark-web-threats-against-the-energy-industry/) - Searchlight Cyber's report, Dark Web Threats Against The Energy Industry, uses proprietary intelligence to demonstrate how energy organizations are targeted on the dark web. - [Ransomware Spotlight: Everest Group Focuses on Initial Access Brokerage](https://slcyber.io/whitepapers-reports/ransomware-spotlight-everest-group-focuses-on-initial-access-brokerage/) - This "Ransomware Spotlight" report from Searchlight Cyber looks at the Everest ransomware group, which has been acting as an Initial Access Broker. - [Same Game, New Players: Ransomware In 2025](https://slcyber.io/whitepapers-reports/same-game-new-players-ransomware-in-2025/) - Searchlight's third annual ransomware report stands out because of major developments in the “key players” of the landscape. - [Profiling a Dark Web Criminal](https://slcyber.io/whitepapers-reports/profiling-a-dark-web-criminal/) - This report takes the alias of a real-life dark web criminal to demonstrate how investigators and cybersecurity teams can build a profile on an actor - [Infostealer Identified](https://slcyber.io/whitepapers-reports/infostealer-identified/) - This report takes a real life example of an infostealer infection in an professional services firm to overcome this malware with dark web monitoring. - [The Essential Buyer's Guide to Cyber Threat Intelligence (CTI)](https://slcyber.io/whitepapers-reports/the-essential-buyers-guide-to-cyber-threat-intelligence-cti/) - Everything you need to know before choosing a Cyber Threat Intelligence collection source - from the importance of data collection to the 10 questions you must ask when selecting a CTI vendor. - [Executives Under Threat](https://slcyber.io/whitepapers-reports/executives-under-threat/) - Discover how dark web monitoring can help you spot cybercriminals targeting executives on forums, marketplaces, and leak sites. - [Shifting Left in the Cyber Kill Chain](https://slcyber.io/whitepapers-reports/shifting-left-in-the-cyber-kill-chain/) - This report uses dark web intelligence from a real-life cyberattack to demonstrate how threat actors can be stopped right at the beginning of the Cyber Kill Chain - in the reconnaissance phase - if organizations know what to look for, and where to look for it. The Cyber Kill Chain is one of the more - [Using the Dark Web for Pre-Attack Intelligence](https://slcyber.io/whitepapers-reports/using-the-dark-web-for-pre-attack-intelligence/) - Read this report to find out how dark web intelligence can help your security team prioritize the most imminent threats and streamline resources. - [The Most Prolific Ransomware Groups of 2022](https://slcyber.io/whitepapers-reports/most-prolific-ransomware-groups-of-2022/) - This report uses dark web data extracted directly from our Ransomware Search and Insights module to show how ransomware groups operate. - [A Guiding Light in the Dark: How MSSPs Are Using Dark Web Threat Intelligence](https://slcyber.io/whitepapers-reports/a-guiding-light-in-the-dark-how-mssps-are-using-dark-web-threat-intelligence/) - Download the report to learn what we found out from surveying more than 500 MSSPs in the US and UK about dark web threat intelligence. - [Suspect Identification: A Use Case On Gathering Evidence From The Dark Web](https://slcyber.io/whitepapers-reports/suspect-identification-gathering-evidence-from-the-dark-web/) - The report is about a real criminal investigation that has led to an indictment in the US. The process is recreated using Searchlight's dark web tool: Cerberus. - [Proactive Defence : How Enterprises Are Using Dark Web Threat Intelligence](https://slcyber.io/whitepapers-reports/proactive-defence-how-enterprises-are-using-dark-web-threat-intelligence/) - Download our latest research report - based on a survey of more than 1,000 CISOs in the US and UK - to find out how large enterprises are using dark web intelligence. We found that 93 percent of CISOs are concerned about dark web threats but the use of threat intelligence varies by geography and - [Government Agency Targeted on the Dark Web](https://slcyber.io/whitepapers-reports/government-agency-targeted-on-the-dark-web/) - This use case looks at how dark web intelligence was used by the government agency to remediate the vulnerability before it was exploited - effectively stopping the attack before it could begin. ## Datasheets - [Protect your extended attack surface](https://slcyber.io/datasheets/protect-your-extended-attack-surface/) - A unified platform for preemptive security. From attack surface management to dark web monitoring and investigations. Gain unrivaled access to unmanaged infrastructure, subdomains, and relevant and actionable dark web intelligence from a single platform – helping you separate the signal from the noise and prioritize the threats that matter. - [Intangic Product Guide](https://slcyber.io/datasheets/intangic-product-guide/) - Know when you're being targeted and quantify your risk against your peers. Intangic provides organizations with preemptive visibility into attacker behavior, enabling earlier intervention and measurable risk reduction. - [Searchlight for Partners: Partner Success Program](https://slcyber.io/datasheets/searchlight-for-partners-partner-success-program/) - Grow your business with Searchlight Cyber. Unlock the best-in-breed attack surface management, dark web intelligence, and security research your clients deserve. - [Cerberus Product Guide](https://slcyber.io/datasheets/cerberus-product-brochure/) - Equip your investigative teams with Cerberus, the world's most powerful dark web search and investigation platform. Gain direct access to live and historic dark web intelligence, enabling visibility into illicit forums, markets, and encrypted channels. - [DarkIQ Product Guide](https://slcyber.io/datasheets/darkiq-product-brochure/) - Gain continuous, real-time visibility into adversaries targeting your personnel, sensitive data, and critical infrastructure on the dark web with DarkIQ's dark web monitoring. - [Assetnote Product Guide](https://slcyber.io/datasheets/assetnote-product-brochure/) - "Easily the best ASM product we've ever used" - Assetnote delivers continuous, verified attack surface monitoring - scanning hourly, not daily, so you can detect exposures as they emerge. - [Our Data - Indexed, Searchable, Actionable Dark Web Data](https://slcyber.io/datasheets/our-data-indexed-searchable-actionable-dark-web-data/) - Searchlight Cyber gives you access to over 475 billion recaptured data points from the clear, deep, and dark web to help investigators identify threats earlier. - [Your Product Guide to Defeating Criminals on the Deep and Dark Web](https://slcyber.io/datasheets/your-product-guide-to-defeating-criminals-on-the-deep-and-dark-web/) - Learn more about our award-winning dark web investigation and dark web monitoring tools. Criminals using the dark web think you can't see them. With Searchlight you can. ## Case Studies - [Technology Company Secures Attack Surface and Prioritizes Exposures with ASM](https://slcyber.io/technology-company-secures-attack-surface-and-prioritizes-exposures-with-asm/) - With Searchlight Cyber's ASM solution, this technology company can prioritize exposures and preemptively tackle threats without being overwhelmed by noise - [CDL Cyber Intelligence Shields Customers from Dark Web Threats](https://slcyber.io/cdl-cyber-intelligence-dark-web-threats/) - This partner case study explores how the MSSP CDL Cyber Intelligence identifies and shields its customers from dark web threats with Searchlight Cyber. - [City Credit Union Actively Protects Members from Data Breaches](https://slcyber.io/case-studies/city-credit-union-actively-protects-members-from-data-breaches/) - City Credit Union wanted to continuously monitor for the earliest possible sign that member data had been compromised and was being shared on the dark web. - [NCC Group Finds a Trusted Partner For Dark Web Intelligence](https://slcyber.io/ncc-group-finds-trusted-partner-for-dark-web-intelligence/) - NCC Group has been a Searchlight Cyber partner for more than four years, utilizing its dark web intelligence and monitoring for its global customer base. - [Cyber Investigation Unit Conducts Safe Dark Web Investigations](https://slcyber.io/cyber-investigation-unit-conducts-safe-dark-web-investigations/) - A Cyber Investigation Unit procured Searchlight Cyber in order to conduct safe dark web investigations following a directive from the chain of command. - [Oakwood Bank Prioritizes Proactive Security With Dark Web Monitoring and Investigations](https://slcyber.io/case-studies/oakwood-bank-prioritizes-proactive-security-with-dark-web-monitoring-and-investigations/) - Oakwood Bank uses Searchlight to proactively monitor the dark web for data relating to both the organization and its customer base to identify security breaches - [European Accountancy Firm Proactively Responds to Cybersecurity Risk](https://slcyber.io/case-studies/european-accountancy-firm-proactively-responds-to-cybersecurity-risk/) - A large European organization approached Searchlight Cyber as it undertook a company-wide initiative to bolster its cybersecurity and defense mechanisms. ## Videos - [It only takes one asset - ASM Security Research](https://slcyber.io/videos/it-only-takes-one-asset-asm-exposure/) - A single unmonitored or unmanaged asset can lead to serious security implications, even if an organization has thousands of other secure assets. "It only takes one asset to leave you exposed." - [How an ASM program paid for itself](https://slcyber.io/videos/how-an-asm-program-paid-for-itself/) - Discover how an ASM program paid for itself—watch our video for key insights and boost your cybersecurity strategy today. - [Shadow exposure is a huge part of your attack surface](https://slcyber.io/videos/shadow-exposure-is-a-huge-part-of-your-attack-surface/) - Most security professionals have a handle on shadow IT, forgotten assets, and cloud misconfigurations – but what about third-party software exposures, AKA 'shadow exposure'? - [How do you monitor the dark web for threats against your organization?](https://slcyber.io/videos/how-do-you-monitor-the-dark-web-for-threats-against-your-organization/) - In this Dark Web Explained video we look at how you can automatically monitor the dark web to identify cyberattacks against your organization. - [How can MSSPs protect their customers from dark web threats?](https://slcyber.io/videos/how-can-mssps-protect-their-customers-from-dark-web-threats/) - In this Dark Web Explained video our CEO Ben Jones talks through the benefits of dark web intelligence for MSSPs, including creating new revenue streams. - [Ransomware supergroups and new alliances](https://slcyber.io/videos/ransomware-supergroups-and-new-alliances/) - The emergence of supergroups within the ransomware ecosystem has been a significant trend over the past six months. In this video we talk about the emergence of DragonForce, a combination of Qilin and LockBit. - [ASM Cybersecurity: Ransomware, Zero-Days & Faster Threat Mitigation](https://slcyber.io/videos/asm-cybersecurity/) - Highlight from our webinar on modern versus legacy Attack Surface Management (ASM), Assetnote co-founders discuss the increasing threats to attack surfaces. - [Who are the top 5 ransomware groups to watch?](https://slcyber.io/videos/who-are-the-top-5-ransomware-groups-to-watch/) - [How do you identify cyberattacks against your supply chain?](https://slcyber.io/videos/how-do-you-identify-cyberattacks-against-your-supply-chain/) - In this Dark Web Explained video Evan Blair explains how dark web intelligence gives organizations unprecedented visibility into supply chain threats - [How can you identify ransomware operators targeting you on the dark web?](https://slcyber.io/videos/how-can-you-identify-ransomware-operators-targeting-you-on-the-dark-web/) - Our Director of Threat Intelligence outlines how ransomware groups use the dark web for multiple phases of the Cyber Kill Chain. - [How can companies preempt and prevent cyberattacks?](https://slcyber.io/videos/how-can-companies-preempt-and-prevent-cyberattacks/) - Charlotte Rhodes focuses on pre-attack activity that can be observed on the dark web and how this intelligence gives defenders a chance to prevent cyberattacks. - [How do you investigate criminal activity on the dark web?](https://slcyber.io/videos/how-do-you-investigate-criminal-activity-on-the-dark-web/) - Criminals use the dark web for its anonymity, which makes it difficult for law enforcement to investigate criminal activity - but not impossible. - [What is the dark web?](https://slcyber.io/videos/what-is-the-dark-web/) - Our founders explain how the dark web works, what criminality it contains, and the challenges it creates for law enforcement and enterprise security teams. - [Ransomware group Qilin releases stolen NHS patient data (Channel 4 News)](https://slcyber.io/videos/ransomware-group-qilin-releases-stolen-nhs-patient-data/) - Searchlight Cyber spoke to Channel 4 News about the implications of the Qilin ransomware attack, including how the group has leaked 400GB of data on its Telegram channel, including what appears to be patient data from the impacted London hospitals. - [What are insider threats?](https://slcyber.io/videos/what-are-insider-threats/) - In this short video Joe Honey explains the risk of #InsiderThreat, how we observe it on the #darkweb, and why it's a threat cybersecurity professionals should be monitoring year-round. - [When does my company need to transition onto the new ISO standards?](https://slcyber.io/videos/when-does-my-company-need-to-transition-onto-the-new-iso-standards/) - We used our product DarkIQ to demonstrate our compliance with the threat intelligence requirements of ISO 27001: 2022. DarkIQ meets both the “collection” and “analysis” stipulations in an automated manner - continuously gathering threat intelligence, analyzing it, and presenting it to the end user in a non-technical format that makes it easy to make accurate and timely risk-based decisions. - [How to Prepare for ISO 27001: 2022 (your complete overview)](https://slcyber.io/videos/how-to-prepare-for-iso-27001-2022/) - Dr Nick Savage - Head of Infrastructure, #Security, and #Compliance at Searchlight Cyber - provides an overview of the ISO 27001 : 2022 standard and how organizations can comply with the new #threatintelligence requirements before the deadline in 2025. ## FAQs - [Are there any incentives or programs for Searchlight Cyber's MSSP partners?](https://slcyber.io/faqs/are-there-any-incentives-or-programs-for-searchlight-cybers-mssp-partners/) - Searchlight Cyber offers a generous partner program for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value Added Resellers (VARs) looking to add dark web monitoring to their services. Our multi-tenancy platform makes it easy for MSSPs to handle multiple customers and offers one-click report creation to help you demonstrate the value of shifting from reactive security to proactive security. - [How is the dark web used by criminals?](https://slcyber.io/faqs/lorem-ipsum-dolor-sit-amet-consectetur-adipiscing-elit-donec-tempus-tincidunt-molestie/) - Though not all dark web activity is illegal, malicious actors prolifically use it as they believe they can't be traced. Here are some common ways criminals use the dark web and share information that can be accessed using the Searchlight Cyber platform. Covert communication: Criminals use dark web forums, encrypted chats, and email services to - [Can dark web intelligence aid cyber attack incident response?](https://slcyber.io/faqs/can-dark-web-intelligence-aid-cyber-attack-incident-response/) - The dark web can provide valuable intelligence that can assist with threat intelligence prior to an attack and incident response following a cyber attack. Since the dark web is often used by cybercriminals to buy and sell stolen data, it can be a useful source of information for identifying the scope of a data breach and determining what data has been compromised. - [Can cybersecurity teams track criminals on the dark web?](https://slcyber.io/faqs/can-cybersecurity-teams-track-criminals-on-the-dark-web/) - Tracking criminals on the dark web can be challenging, as the anonymity and encryption tools used on the dark web make it difficult to identify individuals and trace their activities. However, using Searchlight Cyber’s dark web investigation and monitoring platforms, it is possible to identify and drill into a criminal’s activity and modus operandi, including forum chatter, usernames, aliases, and OSINT data. - [Can I integrate dark web intelligence into my SIEM?](https://slcyber.io/faqs/can-i-integrate-dark-web-intelligence-into-my-siem/) - You can integrate our dark web API threat intelligence feed to enhance your existing SIEM (Security Information and Event Management). Once connected, you can draw from the world’s most comprehensive dark web dataset to give your organization unprecedented access to deep and dark web marketplaces, forums, and onion sites, as well as code repositories, social chats, CVEs, domains, phishing sites, and more. - [Can I check if my organization or its people are on the dark web?](https://slcyber.io/faqs/can-i-check-if-my-organization-or-its-people-are-on-the-dark-web/) - You can use Searchlight Cyber’s investigation and monitoring platform to get a holistic view of your online exposure with visibility into clear web sources including code repositories, social chats, CVEs, and phishing sites. Enterprise and public sectors bodies can also use Searchlight Cyber to proactively identify pre-attack activity of cybercriminals against your organization, leadership team, and supply chain, including leaked credentials, open ports, code repos, and vulnerabilities. - [Do I need to install any software or packages to use Searchlight Cyber?](https://slcyber.io/faqs/do-i-need-to-install-any-software-or-packages-to-use-searchlight-cyber/) - There's no installation or downloads required—all our investigation and monitoring functionality run in your browser. This makes it easy to get started, scale, and implement into your standard operating procedure. Our agentless deployment also makes it possible to monitor the risk profile of supply chain partners, affiliate brands, and acquisitions without installing a line of code. - [Will my SOC team get overloaded by alerts if we add dark web monitoring?](https://slcyber.io/faqs/will-my-soc-team-get-overloaded-by-alerts-if-we-add-dark-web-monitoring/) - Our dark web monitoring platform is designed to ensure your signal-to-noise ratio is high, so your team only gets alerted to imminent threats against your organization. To do this, DarkIQ automatically scans your organization’s attributes, such as domains, IPs, and cloud buckets, against over 11TB of data and more than 12 billion dark and deep - [Is it safe to browse the deep and dark web using Searchlight Cyber?](https://slcyber.io/faqs/is-it-safe-to-browse-the-deep-and-dark-web-using-searchlight-cyber/) - Searchlight Cyber creates a mirror image of the dark web so your teams can safely navigate the most comprehensive dataset of clear, deep, and dark web sources and investigate live sites or search back through more than 15 years of historic data. - [Is being on the dark web legal?](https://slcyber.io/faqs/is-being-on-the-dark-web-legal/) - Accessing the dark web in most countries using software such as Tor is legal in many countries. However, much of the activity and content you’ll find on the dark web is illegal, such as the sale of illicit goods, the exchange of stolen information, and the planning of domestic and international crime. For this reason, the dark web can be a powerful source of information for law enforcement, government, and cyber security professionals. - [Can Searchlight Cyber help me detect and mitigate ransomware attacks?](https://slcyber.io/faqs/can-searchlight-cyber-help-me-detect-and-mitigate-ransomware-attacks/) - Detecting a ransomware attack can be a time-consuming task if performed manually. To streamline gathering this data, TI and IR teams can use Searchlight Cyber’s Ransomware Search and Insights to identify ransomware group trends related to their industry and quickly collate and share this intelligence with their team. - [Can I identify suspicious dark web traffic to my organization?](https://slcyber.io/faqs/can-i-identify-suspicious-dark-web-traffic-to-my-organization/) - Using Searchlight Cyber’s proprietary technology, is it possible to identify suspicious dark web traffic patterns to and from your network. Traffic from the dark web to or from your network may indicate an attacker is attempting to exfiltrate data or communicate with a command and control server. Book a demo to learn how you can - [Does Searchlight Cyber help with compliance requirements?](https://slcyber.io/faqs/does-searchlight-cyber-help-with-compliance-requirements/) - Searchlight Cyber offers solutions for detecting, managing, and responding to cyber threats. These solutions can help companies meet different compliance requirements, including PCI DSS 4.0, ISO27001:2022, and the common criteria required for meeting the requirements of AICPA SOC 2 audits. - [How does Searchlight Cyber source its data?](https://slcyber.io/faqs/how-does-searchlight-cyber-source-its-data/) - Searchlight Cyber gathers data from different sources on the deep and dark web, including underground forums, marketplaces, and encrypted chats, using a combination of automated and manual techniques. They have a threat intelligence team with extensive experience in law enforcement, cybercrime, and the military, and also utilize advanced tools such as cutting-edge web crawlers and natural language processing to extract context-rich information from the collected data. ## Glossaries - [Escrow](https://slcyber.io/glossary/escrow/) - A type of dark web marketplace where multiple sellers sell to buyers through one site. - [Freenet](https://slcyber.io/glossary/freenet/) - A decentralized dark web network that uses peer-to-peer connections to avoid censorship. - [Incident Response (IR)](https://slcyber.io/glossary/incident-response-ir/) - The process of containing and recovering from a data breach or cyber attack, with the objective of mitigating the damage to the organization. - [Indicators of Compromise (IOC)](https://slcyber.io/glossary/indicators-of-compromise-ioc/) - Forensic data, such as data found in system log entries or files, that identifies malicious activity on a system or network. - [Ransomware](https://slcyber.io/glossary/ransomware/) - A type of malware designed to deny a user or organization access to files on their computer by encrypting them. - [Malvertising](https://slcyber.io/glossary/malvertising/) - Advertisements containing hidden programs that are used as a delivery method for malware. - [MITRE ATT&CK](https://slcyber.io/glossary/mitre-attck/) - The MITRE ATT&CK framework is a free tool for organizations to map their defenses against the Tactics, Techniques and Procedures of cybercriminals. - [Onion](https://slcyber.io/glossary/onion/) - Websites on the Tor dark web network are known as onions or hidden services. - [Open Source Intelligence (OSINT)](https://slcyber.io/glossary/open-source-intelligence-osint/) - Intelligence gathered from publicly available sites such as social media, government websites, arrest records, and news outlets. - [Paste Bins](https://slcyber.io/glossary/paste-bins/) - Text repository sites usually hosted on the clear web. These often contain items such as URLS or credential combos. - [Patch](https://slcyber.io/glossary/patch/) - An update to a program or its code that fixes a bug or vulnerability. - [Penetration Testing (Pentest)](https://slcyber.io/glossary/penetration-testing-pentest/) - Simulated attack exercises, usually carried out by an external consultant, to identify security vulnerabilities and inform defense. - [Phishing](https://slcyber.io/glossary/phishing/) - A social engineering attack that tricks the victim either to enter their credentials or to download a malware via a malicious attachment. - [Threat Intelligence](https://slcyber.io/glossary/threat-intelligence/) - Gathering information and data on cyber threats and threat actors to help inform defenses, to mitigate or prevent potential cyberattacks. - [Reconnaissance](https://slcyber.io/glossary/reconnaissance/) - The pre-attack techniques of cybercriminals as they gather information on their target, before executing their attacks. - [Resource Development](https://slcyber.io/glossary/resource-development/) - The pre-attack techniques of cybercriminals, as they gather the resources they need to execute their attack on a victim. - [Pre-Attack Intelligence](https://slcyber.io/glossary/pre-attack-intelligence/) - Threat intelligence that relates to the pre-attack tactics of threat actors, i.e. the actions they take before they breach the network of an organization. - [Proxy](https://slcyber.io/glossary/proxy/) - A proxy IP address is an online server that accepts and forwards requests for different devices on the internet. - [Ransomware-as-a-Service (RaaS)](https://slcyber.io/glossary/ransomware-as-a-service-raas/) - A subscription-based ransomware model that enables affiliates to use already-existing ransomware tools to carry out attacks. - [Threat Modeling](https://slcyber.io/glossary/threat-modeling/) - A process for identifying and prioritizing potential threats, based on threat intelligence, so that countermeasures can be developed. - [Zero Day](https://slcyber.io/glossary/zero-day/) - A vulnerability that hasn't been either identified or addressed by those responsible for maintaining the technology, which can be abused by malicious actors until a patch is released. - [Fullz](https://slcyber.io/glossary/fullz/) - Dark web slang for a "full" packet of financial and personal information needed to commit fraud against an individual. "Fullz" are sold on dark web markets. - [Exit scam](https://slcyber.io/glossary/exit-scam/) - An exit scam is when a dark web market’s administrators withdraw the funds they are holding on behalf of the buyers and sellers and disappear. - [Browser fingerprints](https://slcyber.io/glossary/browser-fingerprints/) - Browser Fingerprints are harvested from computers that have been infected with information stealer malware. - [Infostealers](https://slcyber.io/glossary/infostealers/) - Short for information stealing malware, infostealers are designed to extract valuable victim data hat could be used to conduct fraud or other cyberattacks. - [Cross-Site-Scripting (XSS)](https://slcyber.io/glossary/cross-site-scripting-xss/) - Cross-Site-Scripting (XSS) is a cyberattack technique where malicious code is “injected” into trusted, legitimate websites. - [Operational Security (OPSEC)](https://slcyber.io/glossary/operational-security-opsec/) - Originally a military term, OPSEC describes the process of identifying and obscuring information that could be gathered and exploited by an adversary. - [The Onion Router (Tor)](https://slcyber.io/glossary/the-onion-router-tor/) - The Onion Router (Tor) is a dark web network accessed through free browser software. - [Dark Web Marketplace](https://slcyber.io/glossary/dark-web-marketplace/) - Derived from “black market”, a dark web market offers products and services in exchange for payment. - [Dark Web Forum](https://slcyber.io/glossary/dark-web-forum/) - A dark web forum is a website, accessible only via networks such as Tor, where users post and participate in discussion threads. - [Dark Web](https://slcyber.io/glossary/dark-web/) - The dark web is a subset of the deep web, which is deliberately obfuscated and often requires specialized software, such as Tor, to access. - [Botnet](https://slcyber.io/glossary/botnet/) - A collection of infected computers that form a network, which is remotely controlled by a threat actor. - [Canary](https://slcyber.io/glossary/canary/) - A PGP-signed message, usually posted by dark web market or forum administrators to signify that they are still in control of the site. - [Autoshop](https://slcyber.io/glossary/autoshop/) - A type of dark web marketplace that specializes in the sale of credit card, debit card or bank account information. - [Dox Sites](https://slcyber.io/glossary/dox-sites/) - Dox sites are websites specifically dedicated to sharing someone's person details on the internet without their consent. - [Pretty Good Privacy (PGP)](https://slcyber.io/glossary/pretty-good-privacy-pgp/) - Pretty Good Privacy (PGP) refers to an encryption program used for communication and authentication purposes. - [Invisible Internet Project (I2P)](https://slcyber.io/glossary/invisible-internet-protocol-i2p/) - The Invisible Internet Project (I2P) is an anonymous network layer designed to facilitate private communication between its users. - [Internet Protocol (IP) Address](https://slcyber.io/glossary/internet-protocol-ip-address/) - Every device connected to the internet is assigned a unique numerical identifier, an IP address, created by internet service providers (ISPs). - [Distributed-Denial-of-Service (DDoS) Attacks](https://slcyber.io/glossary/distributed-denial-of-service-ddos-attacks/) - A DDoS attack makes a service unavailable by flooding it with requests, to the point where legitimate requests cannot be dealt with. - [Deep Web](https://slcyber.io/glossary/deep-web/) - The deep web refers to parts of the internet not accessible using standard search engines. - [Data Leak](https://slcyber.io/glossary/data-leak/) - The release of data, giving unauthorized parties access to confidential information. - [Cyber Kill Chain](https://slcyber.io/glossary/cyber-kill-chain/) - The Cyber Kill Chain is a framework to explain the series of steps a cybercriminal must complete in order to execute their attack. - [Clear Web](https://slcyber.io/glossary/the-clear-web/) - The clear web comprises all the publicly available websites that are indexed in search engines, where anyone can find and access them. - [Cryptocurrency Exchange](https://slcyber.io/glossary/cryptocurrency-exchange/) - A business that allows users to exchange different cryptocurrencies or change their cryptocurrencies for traditional (fiat) currency. - [Cryptocurrency](https://slcyber.io/glossary/cryptocurrency/) - A digital currency used as an alternative form of payment, usually built on the blockchain. - [Crypter](https://slcyber.io/glossary/crypter/) - A type of software that can encrypt, obfuscate, and manipulate malware, making it more difficult for security programs to detect it. - [Critical National Infrastructure (CNI)](https://slcyber.io/glossary/critical-national-infrastructure-cni/) - Infrastructure that is vital to the functioning of a society or a state, including water supply, transport, networks, and energy companies. - [Credential Stuffing](https://slcyber.io/glossary/credential-stuffing/) - Using credentials from previous cyberattacks or leaks to try and gain access to a different account linked to the same user. - [Command and Control (C2) Server](https://slcyber.io/glossary/command-and-control-c2-server/) - Cybercriminals use command-and-control servers to remotely control compromised devices. - [Combos](https://slcyber.io/glossary/combos/) - Combinations of credentials, usually names, emails, and passwords, that all relate to a single individual. - [Carding](https://slcyber.io/glossary/carding/) - The process of stealing personal and banking card details. These are either sold to the highest bidder or used for identity fraud. - [Brute Force Attack](https://slcyber.io/glossary/brute-force-attack/) - A technique where the attacker uses computing power and time to gain access to a network. These attacks often follow a loose set of rules. - [Back Door](https://slcyber.io/glossary/back-door/) - Refers to a concealed vulnerability or exploit in a system that can be used to bypass security features and gain access to restricted data. - [Active Directory](https://slcyber.io/glossary/active-directory/) - An internal directory service that allows administrators to manage user permissions and control user access to network resources. - [Account Takeover (ATO)](https://slcyber.io/glossary/account-takeover-ato/) - An attack technique where a threat actor takes over a legitimate user account using stolen passwords and usernames. - [Advanced Persistent Threat Group (APT)](https://slcyber.io/glossary/advanced-persistent-threat-group-apt/) - Groups that carry out attacks on a nation's cybersecurity or economic assets through acts of cyberespionage or sabotage. - [Multi-Factor Authentication (MFA)](https://slcyber.io/glossary/multi-factor-authentication-mfa/) - An extra layer of protection used to ensure the security of online accounts beyond just a username and password. ## News - [Salesforce Marketing Cloud Vulnerability Exposes Email Data Risk](https://slcyber.io/news/salesforce-marketing-cloud-vulnerability-exposes-email-data-risk/) - [Record Ransomware Surge as 7,458 Victims Named in 2025](https://slcyber.io/news/record-ransomware-surge-as-7458-victims-named-in-2025/) - [Record Number of Ransomware Victims and Groups in 2025](https://slcyber.io/news/record-number-of-ransomware-victims-and-groups-in-2025/) - [‘An all-time high’: Number of Ransomware Groups Exploded in 2025 as Victim Growth Rate Doubled - With Qilin Dominating the Landscape](https://slcyber.io/news/an-all-time-high-number-of-ransomware-groups-exploded-in-2025-as-victim-growth-rate-doubled-with-qilin-dominating-the-landscape/) - [Searchlight Cyber Debuts Its Ransomware File Explorer Tool](https://slcyber.io/news/searchlight-cyber-debuts-its-ransomware-file-explorer-tool/) - [Searchlight Cyber Launches Ransomware File Explorer to Identify Data on Leak Sites](https://slcyber.io/news/searchlight-cyber-launches-ransomware-file-explorer-to-identify-data-on-leak-sites/) - [Searchlight Cyber Launches Ransomware File Explorer to Enable Pre-Emptive Detection of Leaked Data](https://slcyber.io/news/searchlight-cyber-launches-ransomware-file-explorer-to-enable-pre-emptive-detection-of-leaked-data/) - [Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day](https://slcyber.io/news/critical-oracle-identity-manager-flaw-possibly-exploited-as-zero-day/) - [Over 250 Magento Stores Hit Overnight as Hackers Exploit New Adobe Commerce Flaw](https://slcyber.io/news/over-250-magento-stores-hit-overnight-as-hackers-exploit-new-adobe-commerce-flaw/) - [Searchlight Cyber Acquires Cyber Risk Management Company Intangic](https://slcyber.io/news/searchlight-cyber-acquires-cyber-risk-management-company-intangic/) - [Searchlight Cyber acquires Intangic](https://slcyber.io/news/searchlight-cyber-acquires-intangic/) - [Searchlight Cyber Buys Intangic to Help Quantify Cyber Risk](https://slcyber.io/news/searchlight-cyber-buys-intangic-to-help-quantify-cyber-risk/) - [Ransomware Groups are Multiplying, Raising the Stakes for Defenders](https://slcyber.io/news/ransomware-groups-are-multiplying-raising-the-stakes-for-defenders/) - ['Everest Group' Extorts Global Orgs via SAP's HR Tool](https://slcyber.io/news/everest-group-extorts-global-orgs-via-saps-hr-tool/) - [LockBit hacked: What Does the Leaked Data Show?](https://slcyber.io/news/lockbit-hacked-what-does-the-leaked-data-show/) - [LockBit Ransomware Admin Panel Hacked, Leaks Reveal Inside Details](https://slcyber.io/news/lockbit-ransomware-admin-panel-hacked-leaks-reveal-inside-details/) - [Searchlight Cyber Adds AI Capabilities to Summarize Dark Web Posts and Threads](https://slcyber.io/news/searchlight-cyber-adds-ai-capabilities-to-summarize-dark-web-posts-and-threads/) - [Feds Seize 145 Domains Associated with BidenCash Cybercrime Platform](https://slcyber.io/news/feds-seize-145-domains-associated-with-bidencash-cybercrime-platform/) - [BidenCash Carding Market Domains Seized in International Operation](https://slcyber.io/news/bidencash-carding-market-domains-seized-in-international-operation/) - [DoJ Seizes 145 Domains Tied to BidenCash Carding Marketplace in Global Takedown](https://slcyber.io/news/doj-seizes-145-domains-tied-to-bidencash-carding-marketplace-in-global-takedown/) - [Carding Marketplace BidenCash Shut Down by Authorities](https://slcyber.io/news/carding-marketplace-bidencash-shut-down-by-authorities/) - [Infostealer malware: What’s the threat to businesses?](https://slcyber.io/news/infostealer-malware-whats-the-threat-to-businesses/) - [The New Ransomware Groups Worrying Security Researchers in 2025](https://slcyber.io/news/the-new-ransomware-groups-worrying-security-researchers-in-2025/) - [Cybersecurity Industry Mixed on Home Office Plans to Ban Ransom Payments](https://slcyber.io/news/cybersecurity-industry-mixed-on-home-office-plans-to-ban-ransom-payments/) - [Palo Alto Networks PAN-OS Flaw Risks Authentication Bypass](https://slcyber.io/news/palo-alto-networks-pan-os-flaw-risks-authentication-bypass/) - [Palo Alto Networks Patches Potentially Serious Firewall Vulnerability](https://slcyber.io/news/palo-alto-networks-patches-potentially-serious-firewall-vulnerability/) - [Palo Alto PAN-OS 0-Day Vulnerability Let Attackers Bypass Web Interface Authentication](https://slcyber.io/news/palo-alto-pan-os-0-day-vulnerability-let-attackers-bypass-web-interface-authentication/) - [PAN-OS Authentication Bypass Hole Plugged, PoC is Public (CVE-2025-0108)](https://slcyber.io/news/pan-os-authentication-bypass-hole-plugged-poc-is-public-cve-2025-0108/) - [Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software](https://slcyber.io/news/palo-alto-networks-patches-authentication-bypass-exploit-in-pan-os-software/) - [Cybersecurity M&A Roundup: 2025 Off to a Fast Start](https://slcyber.io/news/cybersecurity-ma-roundup-2025-off-to-a-fast-start/) - [Searchlight Cyber Snaps Up Assetnote in Maiden Acquisition](https://slcyber.io/news/searchlight-cyber-snaps-up-assetnote-in-maiden-acquisition/) - [Searchlight Cyber Acquires Assetnote to Accelerate Remediation](https://slcyber.io/news/searchlight-cyber-acquires-assetnote-to-accelerate-remediation/) - [Searchlight Cyber Bolsters Threat Intel With Assetnote Buy](https://slcyber.io/news/searchlight-cyber-bolsters-threat-intel-with-assetnote-buy/) - [Searchlight Cyber Acquires Brisbane Attack Surface Firm Assetnote](https://slcyber.io/news/searchlight-cyber-acquires-brisbane-attack-surface-firm-assetnote/) - [Searchlight Cyber Makes Its First Acquisition Since Private Equity Investment](https://slcyber.io/news/searchlight-cyber-makes-its-first-acquisition-since-private-equity-investment/) - [Cloud Digital dives deeper into dark web with Searchlight Cyber](https://slcyber.io/news/11994/) - [Searchlight Cyber Appoints Todd Crick as Chief Operating Officer](https://slcyber.io/news/searchlight-cyber-appoints-todd-crick-as-chief-operating-officer/) - [Government of Mexico's Official Website Claimed by RansomHub Gang](https://slcyber.io/news/government-of-mexicos-official-website-claimed-by-ransomhub-gang/) - [RansomHub Lays Claim on Mexican Government Website Hack](https://slcyber.io/news/ransomhub-lays-claim-on-mexican-government-website-hack/) - [LockBit Taunts New Version as Original Developer Charged](https://slcyber.io/news/lockbit-taunts-new-version-as-original-developer-charged/) - [LockBit Ransomware Gang Teases February 2025 Return](https://slcyber.io/news/lockbit-ransomware-gang-teases-february-2025-return/) - [Massive Troves of Amazon, HSBC employee Data Leaked](https://slcyber.io/news/massive-troves-of-amazon-hsbc-employee-data-leaked/) - [The USA From A Cybercriminal’s Perspective: A Diversifying Landscape](https://slcyber.io/news/the-usa-from-a-cybercriminals-perspective-a-diversifying-landscape/) - [RedLine, Meta Malwares Meet Their Demise at Hands of Dutch Cops](https://slcyber.io/news/redline-meta-malwares-meet-their-demise-at-hands-of-dutch-cops/) - [The Risks of Dark Web Exposure](https://slcyber.io/news/the-risks-of-dark-web-exposure/) - [The Rise of the Hacktivist Supergroup](https://slcyber.io/news/the-rise-of-the-hacktivist-supergroup/) - [European Police Make Headway Against Darknet Drug Markets](https://slcyber.io/news/european-police-make-headway-against-darknet-drug-markets/) - [Brit, 20, 'Made Millions After Setting Up Dark Web Marketplace Aged 17, Selling Drugs and Ransomware to Crooks'](https://slcyber.io/news/brit-20-made-millions-after-setting-up-dark-web-marketplace-aged-17-selling-drugs-and-ransomware-to-crooks/) - [Dark Web Exposure is "Highly Correlated" with Cyberattack Risk](https://slcyber.io/news/dark-web-exposure-is-highly-correlated-with-cyberattack-risk/) - [Organisation Data on Dark Web Increases Cyber Attack Risk: Marsh McLennan](https://slcyber.io/news/organisation-data-on-dark-web-increases-cyber-attack-risk-marsh-mclennan/) - [Dark Web Exposure Increases Risk of Attack](https://slcyber.io/news/dark-web-exposure-increases-risk-of-attack/) - [What I learnt...About the Dark Web](https://slcyber.io/news/what-i-learnt-about-the-dark-web/) - [How Law Enforcement's Ransomware Strategies Are Evolving](https://slcyber.io/news/how-law-enforcements-ransomware-strategies-are-evolving/) - [e2e-assure Partners with Searchlight Cyber](https://slcyber.io/news/e2e-assure-partners-with-searchlight-cyber/) - [Active Ransomware Groups Surge by 56 Percent in 2024](https://slcyber.io/news/active-ransomware-groups-surge-by-56-percent-in-2024/) - [Number of Active Ransomware Groups Increases Over 50 Percent](https://slcyber.io/news/number-of-active-ransomware-groups-increases-over-50-percent/) - [Why Monitoring Dark Web Traffic is Crucial for Cybersecurity Teams](https://slcyber.io/news/why-monitoring-dark-web-traffic-is-crucial-for-cybersecurity-teams/) - [Dark Web Under Siege](https://slcyber.io/news/dark-web-under-siege/) - [How AI Helps Decode Cybercriminal Strategies](https://slcyber.io/news/how-ai-helps-decode-cybercriminal-strategies/) - [Russian Hackers Steal and Share NHS Patients' Private Data](https://slcyber.io/news/russian-hackers-steal-and-share-nhs-patients-private-data/) - [Investigation of Russian Hack on London Hospitals May Take Weeks Amid Worries Over Online Data Dump](https://slcyber.io/news/investigation-of-russian-hack-on-london-hospitals-may-take-weeks-amid-worries-over-online-data-dump/) - [Qilin: We Knew Our Synnovis Attack Would Cause a Healthcare Crisis at London Hospitals](https://slcyber.io/news/qilin-we-knew-our-synnovis-attack-would-cause-a-healthcare-crisis-at-london-hospitals/) - [A Russian Cyber Gang is Thought to be Behind a Ransomware Attack That Hit London Hospitals](https://slcyber.io/news/a-russian-cyber-gang-is-thought-to-be-behind-a-ransomware-attack-that-hit-london-hospitals/) - [Qilin Ransomware Group Blamed for Attack Disrupting London Hospitals](https://slcyber.io/news/qilin-ransomware-group-blamed-for-attack-disrupting-london-hospitals/) - [How to Prepare for ISO 27001:2022's Threat Intelligence Requirements](https://slcyber.io/news/how-to-prepare-for-iso-270012022s-threat-intelligence-requirements/) - [Massive International Police Operation Takes Down Ransomware Networks, Arrests 4](https://slcyber.io/news/massive-international-police-operation-takes-down-ransomware-networks-arrests-4/) - [Massive Police Sweep Across Europe Takes Down Ransomware Networks and Arrests 4 Suspects](https://slcyber.io/news/massive-police-sweep-across-europe-takes-down-ransomware-networks-and-arrests-4-suspects/) - [Ticketmaster Customers Urged to Change Passwords After Global Hack](https://slcyber.io/news/ticketmaster-customers-urged-to-change-passwords-after-global-hack/) - [Shining a Light on the Dark Web: Searchlight Cyber Debuts Comprehensive Hub](https://slcyber.io/news/shining-a-light-on-the-dark-web-searchlight-cyber-debuts-comprehensive-hub/) - [Searchlight Cyber Launches The Dark Web Hub to Demystify the Dark Web and Upskill Cybersecurity and Law Enforcement Professionals](https://slcyber.io/news/searchlight-cyber-launches-the-dark-web-hub-to-demystify-the-dark-web-and-upskill-cybersecurity-and-law-enforcement-professionals/) - [Caleb Barlow Appointed to Searchlight Cyber’s Board of Directors](https://slcyber.io/news/caleb-barlow-appointed-to-searchlight-cybers-board-of-directors/) - [Searchlight Cyber Launches The Dark Web Academy to Upskill Cybersecurity Professionals, Law Enforcement, and Channel Partners in Dark Web Investigations](https://slcyber.io/news/searchlight-cyber-launches-the-dark-web-academy-to-upskill-cybersecurity-professionals-law-enforcement-and-channel-partners-in-dark-web-investigations/) - [DigitalXRAID Partners with Searchlight Cyber](https://slcyber.io/news/digitalxraid-partners-with-searchlight-cyber-2/) - [Monitoring Dark Web Traffic](https://slcyber.io/news/monitoring-dark-web-traffic/) - [DigitalXRAID Partners with Searchlight Cyber](https://slcyber.io/news/digitalxraid-partners-with-searchlight-cyber/) - [Searchlight Cyber Integrates MITRE ATT&CK Mapping Into DarkIQ for Dark Web Monitoring](https://slcyber.io/news/searchlight-cyber-integrates-mitre-attck-mapping-into-darkiq-for-dark-web-monitoring/) - [LockBit Takedown: What You Need to Know about Operation Cronos](https://slcyber.io/news/lockbit-takedown-what-you-need-to-know-about-operation-cronos/) - [LockBit Ransomware Gang’s Website Shut Down by FBI and International Law Enforcement](https://slcyber.io/news/lockbit-ransomware-gangs-website-shut-down-by-fbi-and-international-law-enforcement/) - [LockBit Locked Out: Cyber Community Reacts](https://slcyber.io/news/lockbit-locked-out-cyber-community-reacts/) - [Inside the Dark Web, Where Abuse Abounds and Criminals Deal in Plain Sight](https://slcyber.io/news/inside-the-dark-web-where-abuse-abounds-and-criminals-deal-in-plain-sight/) - [Searchlight Cyber launches Exposure Data view in DarkIQ](https://slcyber.io/news/searchlight-cyber-launches-exposure-data-view-in-darkiq/) - [BlackCat/ALPHV Ransomware Site Seized in International Takedown Effort](https://slcyber.io/news/blackcat-alphv-ransomware-site-seized-in-international-takedown-effort/) - [The 'Big Three’ Ransomware Groups are Losing Their Grip, Study Shows](https://slcyber.io/news/the-big-three-ransomware-groups-are-losing-their-grip-study-shows/) - [How Ransomware Has Changed and the Groups to Watch Out for in 2024](https://slcyber.io/news/how-ransomware-has-changed-and-the-groups-to-watch-out-for-in-2024/) - [Punches, Panic Alarms and Dark Web Extremism: The Hidden Dangers Facing MPs](https://slcyber.io/news/punches-panic-alarms-and-dark-web-extremism-the-hidden-dangers-facing-mps/) - [Searchlight Cyber Adds AI-Powered Language Translation to Simplify Dark Web Investigations](https://slcyber.io/news/searchlight-cyber-adds-ai-powered-language-translation-to-simplify-dark-web-investigations/) - [Searchlight Cyber Secures Charlesbank Investment](https://slcyber.io/news/searchlight-cyber-secures-charlesbank-investment/) - [Charlesbank Capital Partners Goes For Cybersecurity Biz Searchlight Cyber](https://slcyber.io/news/charlesbank-capital-partners-goes-for-cybersecurity-biz-searchlight-cyber/) - [Searchlight Cyber Secures Strategic Investment to Illuminate Dark Web Dangers](https://slcyber.io/news/searchlight-cyber-secures-strategic-investment-to-illuminate-dark-web-dangers/) - [Exploit Code Released For Critical Fortra GoAnywhere Bug](https://slcyber.io/news/exploit-code-released-for-critical-fortra-goanywhere-bug/) - [Searchlight Cyber Introduces AI-Powered Language Translation to Decipher the Dark Web](https://slcyber.io/news/searchlight-cyber-introduces-ai-powered-language-translation-to-decipher-the-dark-web/) - [Cyberattacks Reveal Fragility of Financial Markets](https://slcyber.io/news/cyberattacks-reveal-fragility-of-financial-markets/) - [Rhysida Ransomware Gang Hits Hospital Holding Royal Family’s Data](https://slcyber.io/news/rhysida-ransomware-gang-hits-hospital-holding-royal-familys-data/) - [How to Avoid Fraud on Black Friday](https://slcyber.io/news/how-to-avoid-fraud-on-black-friday/) - [DDoS Attack-for-Hire Services Thriving on Dark Web and Cyber Criminal Forums](https://slcyber.io/news/ddos-attack-for-hire-services-thriving-on-dark-web-and-cyber-criminal-forums/) - [Searchlight Cyber Launches New Program for Channel Partners](https://slcyber.io/news/searchlight-cyber-launches-new-program-for-channel-partners-2/) - [Searchlight Cyber Launches New Program for Channel Partners](https://slcyber.io/news/searchlight-cyber-launches-new-program-for-channel-partners/) - [Dark web partner programme unleashed by Searchlight](https://slcyber.io/news/dark-web-partner-programme-unleashed-by-searchlight/) - [Searchlight Cyber Partners Add Dark Web Intelligence](https://slcyber.io/news/searchlight-cyber-partners-add-dark-web-intelligence/) - [Two Cybersecurity Providers Launch Partner Programs](https://slcyber.io/news/two-cybersecurity-providers-launch-partner-programs/) - [Searchlight Cyber Partners with the Innocent Lives Foundation to Catch Child Predators](https://slcyber.io/news/searchlight-cyber-partners-with-the-innocent-lives-foundation-to-catch-child-predators/) - [The Next Phase of Cyber Protection: Pre-Emptively Detecting Attacks](https://slcyber.io/news/the-next-phase-of-cyber-protection-pre-emptively-detecting-attacks/) - [New DarkIQ Features Can Provide an ‘Early-Warning’ to Cyberattacks](https://slcyber.io/news/new-darkiq-features-can-provide-an-early-warning-to-cyberattacks/) - [Searchlight Cyber Improves DarkIQ Dark Web Traffic Monitoring capabilities](https://slcyber.io/news/searchlight-cyber-improves-darkiq-dark-web-traffic-monitoring-capabilities/) - [Searchlight Cyber Offers Dark Web Traffic Visualizations](https://slcyber.io/news/searchlight-cyber-offers-dark-web-traffic-visualizations/) - [Everest Ransomware Operation Transitioning as IAB](https://slcyber.io/news/everest-ransomware-operation-transitioning-as-iab/) - [Everest Cybercriminals Offer Corporate Insiders Cold, Hard Cash for Remote Access](https://slcyber.io/news/everest-cybercriminals-offer-corporate-insiders-cold-hard-cash-for-remote-access/) - [10 Things You Should Know About Navigating the Dark Web](https://slcyber.io/news/10-things-you-should-know-about-navigating-the-dark-web/) - [The Value of Threat Intelligence and Challenges CISOs Face in Using it Effectively](https://slcyber.io/news/the-value-of-threat-intelligence-and-challenges-cisos-face-in-using-it-effectively/) - [Searchlight Cyber: Dark Web Intelligence for Law Enforcement and Enterprise Cyberdefense](https://slcyber.io/news/searchlight-cyber-dark-web-intelligence-for-law-enforcement-and-enterprise-cyberdefense/) - [Security Awareness Series: Evan Blair, Searchlight Cyber](https://slcyber.io/news/security-awareness-series-evan-blair-searchlight-cyber/) - [Why Should the Financial Sector Care About the Dark Web?](https://slcyber.io/news/why-should-the-financial-sector-care-about-the-dark-web/) - [Lets Talk Cyber Podcast with Searchlight Cyber](https://slcyber.io/news/lets-talk-cyber-podcast-with-searchlight-cyber/) - [Telegram’s Popularity Continues to Soar as Catalog of Available Cybercrime Services Matures](https://slcyber.io/news/telegrams-popularity-continues-to-soar-as-catalog-of-available-cybercrime-services-matures/) - [The Energy Sector Faces Threats From The Dark Web](https://slcyber.io/news/the-energy-sector-faces-threats-from-the-dark-web/) - [Ignore Cybersecurity at Your Peril](https://slcyber.io/news/ignore-cybersecurity-at-your-peril/) - [White Hats on the Darknet](https://slcyber.io/news/white-hats-on-the-darknet/) - [Financial Crime on the Dark Web on the Rise, Reveals New Report](https://slcyber.io/news/financial-crime-on-the-dark-web-on-the-rise-reveals-new-report/) - [Dark Web Activity Targeting the Financial Sector](https://slcyber.io/news/dark-web-activity-targeting-the-financial-sector/) - [Banks Reveal Concern Over Insider Threats](https://slcyber.io/news/banks-reveal-concern-over-insider-threats/) - [Anonymous Sudan claims Microsoft cyberattack and threatens the state of Israel](https://slcyber.io/news/anonymous-sudan-claims-microsoft-cyberattack-and-threatens-the-state-of-israel/) - [Initial Access Broker Posts Targeting Banks Increase on Dark Web](https://slcyber.io/news/initial-access-broker-posts-targeting-banks-increase-on-dark-web/) - [Risks, Rackets and Ransoms: The Dark Side of Cybersecurity Threats](https://slcyber.io/news/risks-rackets-and-ransoms-the-dark-side-of-cybersecurity-threats/) - [How Cybercriminals Target Energy Companies](https://slcyber.io/news/how-cybercriminals-target-energy-companies/) - [Ransom Demanded of BA, BBC and Boots by Cl0p Cybercrime Group](https://slcyber.io/news/ransom-demanded-of-ba-bbc-and-boots-by-cl0p-cybercrime-group/) - [Cl0p Claims the MOVEit Attack; Here's How the Gang Did It](https://slcyber.io/news/cl0p-claims-the-moveit-attack-heres-how-the-gang-did-it/) - [Winners of the IT Europa Channel Awards 2023 revealed](https://slcyber.io/news/winners-of-the-it-europa-channel-awards-2023-revealed/) - [Monitoring the dark web to identify threats to energy sector organizations](https://slcyber.io/news/monitoring-the-dark-web-to-identify-threats-to-energy-sector-organizations/) - [Access to Energy Sector ICS/OT Systems Offered on Hacker Forums](https://slcyber.io/news/access-to-energy-sector-ics-ot-systems-offered-on-hacker-forums/) - [Searchlight Cyber Alerts Energy Sector to Dark Web Threats](https://slcyber.io/news/searchlight-cyber-alerts-energy-sector-to-dark-web-threats/) - [Dark Web Research Illuminates Threats to Energy Companies](https://slcyber.io/news/dark-web-research-illuminates-threats-to-energy-companies/) - [Oil and Gas Sector Lags Behind Other Industries in Gathering Dark Web Intel](https://slcyber.io/news/oil-and-gas-sector-lags-behind-other-industries-in-gathering-dark-web-intel/) - [Ocean’s Roar of Generative AI and Expanding Dark Web Capture Security World’s Attention at RSA](https://slcyber.io/news/oceans-roar-of-generative-ai-and-expanding-dark-web-capture-security-worlds-attention-at-rsa/) - [401(k) Data for Sale: A Peek Inside the Dark Web](https://slcyber.io/news/401k-data-for-sale-a-peek-inside-the-dark-web/) - [Searchlight Cyber Launches Stealth Browser for Safe Dark Web Access](https://slcyber.io/news/searchlight-cyber-launches-stealth-browser-for-safe-dark-web-access/) - Dark web intelligence company Searchlight Cyber has announced the launch of Stealth Browser – a new, secure virtual machine for cyber professionals to access the dark web and conduct investigations anonymously, reducing the risk to themselves and their organization. Stealth Browser is an enhancement to Searchlight’s Cerberus investigation platform, which is used by law enforcement agencies, enterprises, and MSSPs to uncover criminal activity on the dark web. - [With Stealth Browser, Searchlight Cyber ​​Secures Investigations on the Dark Web (French)](https://slcyber.io/news/with-stealth-browser-searchlight-cyber-secures-investigations-on-the-dark-web-french/) - Reserved for cybersecurity experts, Searchlight Cyber's Stealth Browser solution offers secure browsing on the dark web for investigative purposes. - [Cybersecurity in the Dark Web with Searchlight Cyber](https://slcyber.io/news/cybersecurity-in-the-dark-web-with-searchlight-cyber/) - [Stealth Browser Gives Cyber-Investigators Safe and Anonymous Access to the Dark Web](https://slcyber.io/news/stealth-browser-gives-cyber-investigators-safe-and-anonymous-access-to-the-dark-web/) - Dark web intelligence firm Searchlight Cyber has announced Stealth Browser - a secure, user-friendly virtual machine to provide cyber professionals with access to the dark web. - [Searchlight Cyber Launches Stealth Browser for Secure Dark Web Access](https://slcyber.io/news/searchlight-cyber-launches-stealth-browser-for-secure-dark-web-access/) - HelpNetSecurity covers the launch of Stealth Browser, a virtual machine for cyber professionals to access the dark web and conduct investigations anonymously. - [International Law Enforcement Seizes Dark Web Market](https://slcyber.io/news/international-law-enforcement-seizes-dark-web-market-2/) - Searchlight Cyber Threat Intelligence Analyst Louise Ferrett comments on the takedown of the dark web market Genesis in Reuters. - [Operation Cookie Monster shuts down Genesis Market](https://slcyber.io/news/operation-cookie-monster-shuts-down-genesis-market/) - Louise Ferrett, Threat Intelligence Analyst at Searchlight Cyber, speaks to BBC World Service's Newshour programme about the law enforcement takedown of Genesis - ['Operation Cookie Monster': International Police Action Seizes Dark Web Market](https://slcyber.io/news/operation-cookie-monster-international-police-action-seizes-dark-web-market/) - Genesis specialized in the sale of digital products, especially "browser fingerprints", said Louise Ferrett, an analyst at cybersecurity firm Searchlight Cyber. - [Healthcare Lagging in Dark Web Intelligence Use](https://slcyber.io/news/healthcare-lagging-in-dark-web-intelligence-use/) - Recent research from Searchlight Cyber shows that CISOs in the healthcare industry are behind average when it comes to adoption of dark web intelligence. - [Information on 63,000 Children Leaks Online After Cl0p’s Cyberattack on Fortra](https://slcyber.io/news/information-on-63000-children-leaks-online-after-cl0ps-cyberattack-on-fortra/) - Jim Simpson, Director of Threat Intelligence at Searchlight Cyber, spoke to TechMonitor about the possible implications of Cl0p's vulnerability exploitation. - [Dark Web Intelligence is Critical to Defending the Enterprise](https://slcyber.io/news/dark-web-intelligence-is-critical-to-defending-the-enterprise/) - The report from Searchlight Cyber looks at how CISOs are gathering data from the dark web to improve their security posture. - [Security Leaders Concerned About Dark Web Threats](https://slcyber.io/news/security-leaders-concerned-about-dark-web-threats/) - A Searchlight Cyber study has revealed that the majority (93 percent) of enterprise chief information security officers are concerned about dark web threats - [CISOs Searching Dark Web For Intelligence On Cybercriminals](https://slcyber.io/news/cisos-searching-dark-web-for-intelligence-on-cybercriminals/) - CISOs are looking to the dark web to improve their organization’s security posture, according to a new report by dark web specialist Searchlight Cyber. - [Dark Web Intel Underutilized by CISOs, Diminishing Healthcare Cybersecurity](https://slcyber.io/news/dark-web-intel-underutilized-by-cisos-diminishing-healthcare-cybersecurity/) - Fifty-seven percent of healthcare CISOs utilize dark web intelligence in their strategies, causing the sector to lag other industries, a new report revealed. - [Understanding Adversaries Through Dark Web Intelligence](https://slcyber.io/news/understanding-adversaries-through-dark-web-intelligence/) - 93 percent of CISOs are concerned about dark web threats according to new research published by Searchlight Cyber. - [Clop GoAnywhere Attacks Have Now Hit 130 Organizations](https://slcyber.io/news/clop-goanywhere-attacks-have-now-hit-130-organizations/) - Louise Ferrett, Threat Intelligence Analyst at Searchlight Cyber, comments on Cl0p's latest spree of ransomware attacks. - [Over Half of MSSPs Embracing Dark Web Monitoring, Report Finds](https://slcyber.io/news/over-half-of-mssps-embracing-dark-web-monitoring-report-finds/) - [MSSPs Are Diving Into Dark Web Intelligence to Boost Business](https://slcyber.io/news/mssps-are-diving-into-dark-web-intelligence-to-boost-business/) - [U.S. Says It 'Hacked the Hackers' to Bring Down Ransomware Gang, Helping 300 victims](https://slcyber.io/news/u-s-says-it-hacked-the-hackers-to-bring-down-ransomware-gang-helping-300-victims/) - Short of any arrests, Hive's hackers will likely soon "either set up shop under a different brand or get recruited into other RaaS groups," said Jim Simpson, director of threat intelligence at British firm Searchlight Cyber. - [MSSPs Report a Surge in Customer Demand for Dark Web Intelligence](https://slcyber.io/news/mssps-report-a-surge-in-customer-demand-for-dark-web-intelligence/) - [Hunting Insider Threats on the Dark Web](https://slcyber.io/news/hunting-insider-threats-on-the-dark-web/) - Our Director of threat intelligence Jim Simpson explains how you can spot insider threats on the dark web in his article for Dark Reading - [Searchlight Security Launches New Multi-Tenancy Capability](https://slcyber.io/news/searchlight-security-launches-new-multi-tenancy-capability/) - Watch this interview with eChannelNEWS, about Searchlight's new multi-tenancy capabilities for DarkIQ, its powerful dark web monitoring solution. - [Searchlight Security rebrands as Searchlight Cyber](https://slcyber.io/news/searchlight-security-rebrands-as-searchlight-cyber/) - The dark web security specialist unveils image overhaul that includes a brand-new logo, website, and product design - [How MSSPs Can Deliver Value Through Dark Web Threat Intelligence](https://slcyber.io/news/how-mssps-can-deliver-value-through-dark-web-threat-intelligence/) - This article from our CEO Ben Jones looks at how MSSPs can better protect clients by monitoring dark web activity. - [Dark Web Specialist Searchlight Security Rebrands as Searchlight Cyber](https://slcyber.io/news/dark-web-specialist-searchlight-security-rebrands-as-searchlight-cyber/) - Searchlight Security, a dark web intelligence company, has rebranded itself as Searchlight Cyber. - [Searchlight Offers MSSPs Ransomware Dark Web Tracking Tool](https://slcyber.io/news/searchlight-offers-mssps-ransomware-dark-web-tracking-tool/) - Searchlight's new tool automatically collates data from active ransomware groups and helps MSSPs improve dark web monitoring. - [Searchlight Security Changes Name to Searchlight Cyber and Launches New Brand](https://slcyber.io/news/searchlight-security-changes-name-to-searchlight-cyber-and-launches-new-brand/) - Dark Reading covers the launch of our rebrand from Searchlight Security to Searchlight Cyber and launch of our new website - [Most Prolific Ransomware Groups Described](https://slcyber.io/news/most-prolific-ransomware-groups-described/) - Read the analysis of our latest ransomware report from The CyberWire. Featuring profiles of the most prolific groups of 2022 - [New Searchlight Module Automatically Collates Data From Ransomware Groups](https://slcyber.io/news/new-searchlight-module-automatically-collates-data-from-ransomware-groups/) - Ransomware Search and Insights offers a curated view of ransomware groups, including tactics, incidents and victimology - [Cybersecurity Predictions For 2023](https://slcyber.io/news/cybersecurity-predictions-for-2023/) - The CyberWire's 2023 prediction roundup includes our Director of Product on ransomware and our CTO on dark web networks. - [Threat Actor Puts Up 500m WhatsApp Phone Numbers For Sale On The Dark Web](https://slcyber.io/news/threat-actor-puts-up-500m-whatsapp-phone-numbers-for-sale-on-the-dark-web/) - Robert Fitzsimons comments on what hackers could do with a large database of stolen WhatsApp numbers, following a leak - [What is Modern Day CISO Prioritizing As Cyber-Risks Continue To Surge?](https://slcyber.io/news/what-is-modern-day-ciso-prioritizing-as-cyber-risks-continue-to-surge/) - Our CTO Dr. Gareth Owenson explains CISO's increased interest in dark web monitoring to identify cybercriminals before they hit their network. - [Searchlight Security Delivers Dark Web Monitoring Upgrades for MSSPs](https://slcyber.io/news/searchlight-security-delivers-dark-web-monitoring-upgrades-for-mssps/) - Our new multi-tenancy feature allows MSSPs to handle dark web intelligence for multiple customers. - [Searchlight Security And Alias Join Forces To Enhance Security Assessments Using Dark Web Intelligence](https://slcyber.io/news/searchlight-security-and-alias-join-forces-to-enhance-security-assessments-using-dark-web-intelligence/) - Searchlight is working with cybersecurity consultancy Alias to enhance its security assessment offering. - [Hacker Selling 350m AskFM Users' Personal Records On A Dark Web Hacker Forum](https://slcyber.io/news/hacker-selling-350m-askfm-users-personal-records-on-a-dark-web-hacker-forum/) - We identified a user with the alias “Data” on a popular breach site selling 350 million records from Ask.FM. - [Preventing The Recruitment Of Insider Threat Actors](https://slcyber.io/news/preventing-the-recruitment-of-insider-threat-actors/) - Luke Walker spoke to James Coker from Infosecurity Magazine for National Insider Threat Awareness Month. - [Ransomware: The Hackers And Their Marketplace](https://slcyber.io/news/ransomware-the-hackers-and-their-marketplace/) - TechInformed's ransomware report series features insight from Searchlight Cyber on how ransomware groups operate on the dark web. - [Dark Web Intelligence](https://slcyber.io/news/dark-web-intelligence/) - Dr Gareth Owenson's article argues that notable supply chain attacks could have been spotted and stopped with dark web intelligence. - [Bringing Light to the Dark Web](https://slcyber.io/news/bringing-light-to-the-dark-web/) - Our co-founders Ben Jones and Dr Gareth Owenson sat down with Cole Aungle from IT Security Guru to share the story of the company so far. - [Killnet Releases 'Proof' of its Attack Against Lockheed Martin](https://slcyber.io/news/killnet-releases-proof-of-its-attack-against-lockheed-martin/) - Threat Intelligence Analyst Louise Ferrett spoke to Security Week about the reliability of Killnet's claim last week that it had breached Lockheed Martin. - [Cisco Hacked: Ransomware Gang Claims it has 2.8GB of Data](https://slcyber.io/news/cisco-hacked-ransomware-gang-claims-it-has-2-8gb-of-data/) - Our Threat Intelligence Analyst Louise Ferrett shares some insight on the Cisco breach, including the severity of the leak. - [Russian Cybercrime Gang Killnet Claims Lockheed Martin Employee Data Hack](https://slcyber.io/news/russian-cybercrime-gang-killnet-claims-lockheed-martin-employee-data-hack/) - Following the Russian hacking group Killnet's alleged breach of Lockheed Martin, we spoke to TechMonitor about the legitimacy of the claim. - [Using Dark Web Threat Intelligence To Counter Financial Crimes](https://slcyber.io/news/using-dark-web-threat-intelligence-to-counter-financial-crimes/) - Our CTO Dr Gareth Owenson explains how financial services can use threat intelligence to tackle finance-related cybercrime. - [9 Tips To Prevent Phishing](https://slcyber.io/news/9-tips-to-prevent-phishing/) - Dr Gareth Owenson explains why monitoring the dark web for leaked credentials should be part of any company's strategy to reduce phishing attacks. - [Security Warning After Sale of Chinese Data](https://slcyber.io/news/security-warning-after-sale-of-chinese-data/) - Louise Ferrett spoke to BBC News about a dark web forum listing claiming to be selling the data of one billion Chinese citizens. - [Russian Hackers Target Private Ukrainian Energy Firm](https://slcyber.io/news/russian-hackers-target-private-ukrainian-energy-firm/) - Following the cyberattack against DTEK Group, our threat intelligence shows that the Ukrainian energy firm was targeted on RaidForums - [New Cyber Extortion Op Appears To Have Hit AMD](https://slcyber.io/news/new-cyber-extortion-op-appears-to-have-hit-amd/) - Jim Simpson, director of threat intelligence, is quoted in Computer Weekly discussing the impact and implications of RansomHouse's campaigns. - [Fears Grow for Smaller Nations after Ransomware Attack on Costa Rica Escalates](https://slcyber.io/news/fears-grow-for-smaller-nations-after-ransomware-attack-on-costa-rica-escalates/) - Louise Ferrett, threat analyst, speaks to TechCrunch as the ransomware group Conti demands $20m from the Costa Rican Government. - [Ransomware gang Conti ‘shuts down’ in midst of Costa Rica attack](https://slcyber.io/news/ransomware-gang-conti-shuts-down-in-midst-of-costa-rica-attack/) - Louise Ferrett shares intelligence on the Conti ransomware gang as the group reportedly shuts down. - [Who's Behind Attempt to Reboot REvil Ransomware Operation?](https://slcyber.io/news/whos-behind-attempt-to-reboot-revil-ransomware-operation/) - Louise Ferrett shares intelligence with the Information Security Media Group as the REvil ransomware operation appears to resurface. - [Is Telegram safe? Here’s What Security Experts Have To Say](https://slcyber.io/news/is-telegram-safe-heres-what-security-experts-have-to-say-about-the-app/) - Searchlight Security CTO Dr Gareth Owenson comments on the strength of Telegram's encryption in Trusted Reviews. - [Two Teenagers Charged with Lapsus$ Cyber Attacks](https://slcyber.io/news/two-teenagers-charged-with-lapsus-cyber-attacks/) - Searchlight analysts provide insight into LAPSUS$, as two UK teenagers are charged with being part of the group. - [European Authorities Seize VPN Service Tied to Ransomware](https://slcyber.io/news/european-authorities-seize-vpn-service-tied-to-ransomware/) - Dr Gareth Owenson comments on how authorities are clamping down on cybercriminal activity, in spite of obstacles. ## Press Releases - [Searchlight Cyber Named a Finalist at the 2026 Cyber Risk Awards](https://slcyber.io/press/searchlight-cyber-named-a-finalist-at-the-2026-cyber-risk-awards/) - Awards nomination recognizes Searchlight’s leadership in helping organizations gain an accurate view of cyber risk and preemptively mitigate threats - [Searchlight Cyber Uncovers High Severity Remote Code Execution Vulnerability in Popular Survey Software](https://slcyber.io/press/searchlight-cyber-uncovers-high-severity-remote-code-execution-vulnerability-in-popular-survey-software/) - Searchlight Cyber uncovers a high-severity RCE vulnerability in popular survey software, exposing risks of unauthenticated attacks and server compromise. - [Searchlight Cyber selected as 2024 SC Awards Finalist](https://slcyber.io/press/searchlight-cyber-selected-as-2024-sc-awards-finalist/) - Searchlight Cyber named a 2024 SC Awards finalist for threat intelligence innovation, recognizing its leadership in dark web intelligence and cybersecurity solutions. - [Study Finds Dark Web Exposure Increases the Risk of a Cyberattack](https://slcyber.io/press/study-finds-dark-web-exposure-increases-the-risk-of-a-cyberattack/) - Study shows dark web exposure increases cyberattack risk, with leaked data, forum mentions, and threat activity linked to higher breach likelihood. - [Searchlight Cyber Report: Ransomware Groups Claimed Record Number of Victims in 2025 with 30% Annual Increase](https://slcyber.io/press/ransomware-report-h2-2025/) - New Research Reveals the Number of Ransomware Victims and Active Ransomware Groups reached an All-Time High in 2025 - [Searchlight Cyber Launches Ransomware File Explorer to Enable Pre-Emptive Detection of Leaked Data](https://slcyber.io/press/searchlight-cyber-launches-ransomware-file-explorer-to-enable-pre-emptive-detection-of-leaked-data/) - Searchlight Cyber announced the release of Ransomware File Explorer, a new capability within its Cerberus investigation platform that provides direct, searchable visibility into file-tree data published on ransomware leak sites. - [Searchlight Cyber Appoints Michael Gianarakis as CEO](https://slcyber.io/press/searchlight-cyber-appoints-michael-gianarakis-as-ceo/) - Proven cybersecurity leader and expert in Preemptive Threat Exposure Management (PTEM) promoted to CEO as company enters its next phase of growth - [Searchlight Cyber Launches AI Research Assistant To Guide And Free Up Time For Investigators](https://slcyber.io/press/searchlight-cyber-launches-ai-research-assistant/) - Searchlight Cyber has launched a new AI capability that enables investigators to use natural language queries to rapidly access intelligence from dark web markets, forums, and ransomware groups. - [Searchlight Cyber Acquires Cyber Risk Management Company Intangic](https://slcyber.io/press/searchlight-cyber-acquires-cyber-risk-management-company-intangic/) - Searchlight Cyber acquires Intangic to help organizations measure, monitor and mitigate cyber risk across their external environments. - [Searchlight Cyber Acquires Assetnote to Enhance Continuous Threat Exposure Management](https://slcyber.io/press/searchlight-cyber-acquires-assetnote/) - Searchlight Cyber acquires market-leading ASM company Assetnote to enhance customers’ ability to identify and respond to the highest-priority threats. - [Searchlight Cyber Partners With TRM Labs to Bring Enhanced Cryptocurrency Analysis to its Dark Web Investigation Platform](https://slcyber.io/press/searchlight-cyber-partners-with-trm-labs-to-bring-enhanced-cryptocurrency-analysis-to-its-dark-web-investigation-platform/) - Searchlight Cyber has partnered with TRM Labs to integrate new cryptocurrency analysis capabilities into its dark web investigation platform. - [Searchlight Cyber Report Finds a 67% Increase in Ransomware Victims in H1 2025 vs H1 2024](https://slcyber.io/press/increase-in-ransomware-victims-in-h1-2025-vs-h1-2024/) - Higher victim count correlates with a greater number of ransomware groups, in spite of the deterioration of Lockbit. - [Searchlight Cyber Uncovers High-Severity Vulnerability in Open-Source Web Content Management Platform, DNN](https://slcyber.io/press/searchlight-cyber-uncovers-high-severity-vulnerability-in-open-source-web-content-management-platform-dnn/) - The vulnerability discovered by Searchlight Cyber researchers in DNN is present in multiple software versions (6.0.0 - 10.0.1) and has a severity score of 8.6 - [Searchlight Cyber Launches Free Open Source Tools Site for the Cybersecurity Community](https://slcyber.io/press/searchlight-cyber-launches-free-open-source-tools-site-for-the-cybersecurity-community/) - Three new tools are launched with the new Searchlight Cyber Tools Site and existing tools like Wordlists have been enhanced - [Searchlight Cyber Finds Further Critical Vulnerabilities in Adobe Experience Manager](https://slcyber.io/press/searchlight-cyber-finds-further-critical-vulnerabilities-in-adobe-experience-manager/) - Three new critical vulnerabilities found by Searchlight Cyber in Adobe Experience Manager include two paths to RCE and a pre-authentication XXE - [Searchlight Cyber Discloses Critical Remote Command Execution Vulnerability in ETQ Reliance](https://slcyber.io/press/searchlight-cyber-discloses-critical-remote-command-execution-vulnerability-in-etq-reliance/) - The Remote Code Execution vulnerability found by Searchlight Cyber in the popular quality management software ETQ Reliance could expose highly sensitive data - [Searchlight Cyber Adds New AI Capabilities to Dark Web Investigations Platform](https://slcyber.io/press/searchlight-cyber-adds-new-ai-capabilities-to-dark-web-investigations-platform/) - New AI summarization and sentiment analysis in Searchlight Cyber's tool simplifies investigations for law enforcement and cybersecurity professionals - [Assetnote Identifies Critical Pre-Auth SQL Injection Vulnerability in Halo ITSM](https://slcyber.io/press/assetnote-identifies-critical-pre-auth-sql-injection-vulnerability-in-halo-itsm/) - Pre-auth SQL Injection vulnerability discovered by Assetnote in Halo could be exploited to read, modify, or insert data into critical IT support software. - [Searchlight Cyber Releases AI-Generated Threat Actor Summaries](https://slcyber.io/press/searchlight-cyber-releases-ai-generated-threat-actor-summaries/) - Latest AI enhancement from Searchlight Cyber provides invaluable context for law enforcement and cybersecurity investigators on dark web aliases - [Calibra Solutions and Searchlight Cyber Form Partnership to Unlock Dark Web Intelligence for the Caribbean](https://slcyber.io/press/calibra-solutions-and-searchlight-cyber-form-partnership-to-unlock-dark-web-intelligence-for-the-caribbean/) - Calibra Solutions Limited has partnered with Searchlight Cyber to help organizations to combat cybercrime emanating from the dark web. - [Searchlight Launches New Ransomware Group Module With Threat Intelligence from the Dark Web](https://slcyber.io/press/searchlight-launches-new-ransomware-group-module-with-threat-intelligence-from-the-dark-web/) - Enterprise and law enforcement organizations can investigate ransomware activity on the dark web to gain an advantage over malicious actors - [Searchlight Cyber Wins Gold and Silver at the 2023 Cybersecurity Excellence Awards](https://slcyber.io/press/searchlight-cyber-wins-gold-and-silver-at-the-2023-cybersecurity-excellence-awards/) - Both dark web intelligence solutions Cerberus and DarkIQ receive awards, while Searchlight Cyber is recognized in the Most Innovative Company category - [Searchlight Cyber Supports the U.S. Government Takedown of the BidenCash Dark Web Marketplace](https://slcyber.io/press/searchlight-cyber-supports-the-u-s-government-takedown-of-the-bidencash-dark-web-marketplace/) - Searchlight Cyber provided technical capabilities to support the takedown of the dark web marketplace BidenCash, announced by the U.S. Department of Justice. - [Searchlight Cyber Report Shows 38% YoY Increase in Active Dark Web Ransomware Groups](https://slcyber.io/press/searchlight-cyber-report-shows-38-yoy-increase-in-active-dark-web-ransomware-groups/) - Searchlight Cyber's annual report on ransomware trends from the dark web finds major disruption in the ransomware group hierarchy. - [Searchlight Cyber Launches New Dark Web Marketplace Module for Law Enforcement, Government, and Security Professionals](https://slcyber.io/press/searchlight-cyber-launches-new-dark-web-marketplace-dashboard/) - The new dark web marketplace module from Searchlight Cyber simplifies investigations into 140 markets with the ability to filter by geography and products. - [Searchlight Cyber Introduces AI-Powered Language Translation to Decipher the Dark Web](https://slcyber.io/press/searchlight-cyber-introduces-ai-powered-language-translation-to-decipher-the-dark-web/) - Bespoke AI-powered language translation tool is trained on dark web data to provide accurate results for cybersecurity professionals and law enforcement. - [Searchlight Cyber Integrates MITRE ATT&CK Framework into Dark Web Monitoring Solution](https://slcyber.io/press/searchlight-cyber-integrates-mitre-attck-framework-into-dark-web-monitoring-solution/) - MITRE ATT&CK Mapping feature in DarkIQ aligns actionable dark web intelligence with universally recognized cybersecurity framework to bolster security posture. - [Searchlight Cyber Finds Three Cross-Site Scripting Vulnerabilities in Adobe Experience Manager](https://slcyber.io/press/searchlight-cyber-finds-three-cross-site-scripting-vulnerabilities-in-adobe-experience-manager/) - The Searchlight Cyber security research team finds Cross-Site Scripting vulnerabilities that could have been used to exploit all 45k sites running cloud AEM - [Searchlight Cyber Enhances its DarkIQ Dark Web Traffic Monitoring Capabilities](https://slcyber.io/press/searchlight-cyber-enhances-its-darkiq-dark-web-traffic-monitoring-capabilities/) - Searchlight Cyber enhances its Dark Web Traffic Monitoring capabilities, allowing organizations to identify malicious activity going to and from their network. - [Searchlight Cyber Announces Strategic Growth Investment from Charlesbank Capital Partners](https://slcyber.io/press/searchlight-cyber-announces-strategic-growth-investment-from-charlesbank-capital-partners/) - New investment from Charlesbank Capital Partners will enable Searchlight Cyber to strengthen its threat intelligence platform and go-to-market offering - [“More Groups, More Problems”: Searchlight Cyber Report Reveals Ransomware Groups to Watch in 2024](https://slcyber.io/press/report-reveals-ransomware-groups-to-watch-in-2024/) - Searchlight Cyber's ransomware report reveals LockBit, BlackCat, and Cl0p were the top three gangs of 2023 but their share of total victims is falling - [Searchlight Security Elevates Dark Web Intelligence to Board Level with New Automated Reporting](https://slcyber.io/press/new-automated-reporting/) - Dark Web Threat Reporting in DarkIQ Helps Security Teams and MSSPs Communicate Pre-Attack Intelligence to Executives - [NCC Group launches Online Exposure Monitoring (OXM) Service to Help Organizations Identify Emerging and Potential Attacks Across the Clear, Deep, and Dark Web](https://slcyber.io/press/ncc-group-launches-online-exposure-monitoring-oxm-service-to-help-organizations-identify-emerging-and-potential-attacks-across-the-clear-deep-and-dark-web/) - NCC Group has launched a new Online Exposure Monitoring (OXM) service that is powered by Searchlight Cyber’s dark web monitoring platform DarkIQ. - [Searchlight Launches New Multi-Tenancy Capability for Dark Web Monitoring Solution DarkIQ](https://slcyber.io/press/multi-tenancy-launch/) - Multi-tenancy feature allows enterprises to monitor suppliers on the dark web and MSSPs to handle multiple customers - [DigitalXRAID Partners with Searchlight Cyber to Enhance its SOC Service with Comprehensive Dark Web Intelligence](https://slcyber.io/press/digitalxraid-partners-with-searchlight-cyber-to-enhance-its-soc-service-with-comprehensive-dark-web-intelligence/) - DigitalXRAID has signed a partnership agreement with Searchlight Cyber, to use its products in its SOC to defend customers from dark web threats. - [Assetnote Launches New Tool to Check for Security Weaknesses and Potential Abuse of IP Whitelisting](https://slcyber.io/press/assetnote-launches-new-tool-to-check-for-security-weaknesses-and-potential-abuse-of-ip-whitelisting/) - Assetnote has published a new tool to identify weaknesses that could allow hackers to bypass network controls by routing traffic through a specific location. - [Assetnote Discovers Additional Critical Vulnerability in Palo Alto Networks (PAN) Management Interface PAN-OS After Recent Patches](https://slcyber.io/press/assetnote-discovers-additional-critical-vulnerability-in-palo-alto-networks-pan-management-interface-pan-os-after-recent-patches/) - Assetnote, a Searchlight Cyber company, has identified a new critical vulnerability in the Palo Alto Networks management interface, known as PAN-OS. - [Cloud Digital Partners with Searchlight Cyber to Offer Dark Web Investigation Managed Services](https://slcyber.io/press/cloud-digital-partners-with-searchlight-cyber-to-offer-dark-web-investigation-managed-services/) - Managed Services Provider Cloud Digital has announced a partnership with Searchlight Cyber to deliver dark web investigation services - [Initial Searchlight Cyber Investor Rejoins Company As COO](https://slcyber.io/press/initial-searchlight-cyber-investor-rejoins-company-as-coo/) - Renowned cybersecurity advisor and investor Todd Crick takes on operational role at fast-growth dark web intelligence company, Searchlight Cyber - [Searchlight Cyber Report Reveals Rapid Changes in the Ransomware Landscape Over Six Months](https://slcyber.io/press/searchlight-cyber-report-reveals-rapid-changes-in-the-ransomware-landscape-over-six-months/) - Threat intelligence report underscores significant changes to the “league table” of ransomware groups during the first half of 2024. - [Searchlight Cyber Alerts Energy Sector to Dark Web Threats](https://slcyber.io/press/searchlight-cyber-alerts-energy-sector-to-dark-web-threats/) - New Searchlight Cyber threat intelligence report shows how cybercriminals routinely target energy sector companies on dark web forums - [e2e-assure Partners with Searchlight Cyber to Bolster Customers’ Security Posture with Dark Web Intelligence](https://slcyber.io/press/e2e-assure-partners-with-searchlight-cyber-to-bolster-customers-security-posture-with-dark-web-intelligence/) - Managed Threat Detection & Response provider, e2e-assure, has partnered with Searchlight Cyber to bolster customers’ security posture with dark web intelligence - [Searchlight Cyber Wins Best Emerging Technology Award at the SC Awards Europe 2024](https://slcyber.io/press/searchlight-cyber-wins-best-emerging-technology-award-at-the-sc-awards-europe-2024/) - Dark web investigation platform recognized for innovation in combating dark web criminality at the SC Awards Europe - [Dark Web Intelligence Company Searchlight Cyber Appoints Tim Warner to Lead Global Enterprise Sales](https://slcyber.io/press/dark-web-intelligence-company-searchlight-cyber-appoints-tim-warner-to-lead-global-enterprise-sales/) - Tim Warner joins Searchlight’s executive team and is responsible for leading its enterprise sales function, providing security teams with dark web intelligence. - [Searchlight Cyber to Launch 2024 Edition of “The Practitioner’s Guide To The Dark Web” at RSA Conference](https://slcyber.io/press/searchlight-cyber-to-launch-2024-edition-of-the-practitioners-guide-to-the-dark-web-at-rsa-conference/) - Searchlight Cyber will launch the highly anticipated 2024 edition of The Practitioner’s Guide To The Dark Web at RSA Conference in San Francisco. - [Former IBM X-Force Leader Caleb Barlow Appointed to Searchlight Cyber’s Board of Directors](https://slcyber.io/press/former-ibm-x-force-leader-caleb-barlow-appointed-to-searchlight-cybers-board-of-directors/) - Searchlight Cyber has appointed Caleb Barlow from Cyberbit and Charlesbank Capital Partners to its board of directors as it expands its market share. - [Searchlight Cyber's DarkIQ Receives MSP Today Product of the Year Award](https://slcyber.io/press/searchlight-cybers-darkiq-receives-msp-today-product-of-the-year-award/) - Searchlight Cyber's dark web monitoring solution, DarkIQ, has been honoured with the 2023 MSP Today Product of the Year Award by TMC. Find out more. - [Searchlight Cyber Launches New Program for Channel Partners](https://slcyber.io/press/searchlight-cyber-launches-new-program-for-channel-partners/) - Searchlight Cyber, the dark web intelligence company, has launched a new partner program, enhancing the company’s benefits for MSSPs, VARs and other key channel partners. - [Two-Thirds of MSSPs Say Customers Have Asked for Dark Web Threat Intelligence as Demand Surges in US and UK](https://slcyber.io/press/report-how-mssps-are-using-dark-web/) - Survey identifies more than half of MSSPs have started undertaking dark web monitoring to protect customers and unlock new revenue streams - [Cybersecurity Consultancy Alias Gets Dark Web Threat Intelligence Boost With Searchlight Security](https://slcyber.io/press/alias-gets-dark-web-threat-intelligence/) - Alias Builds Attacker Profiles For Customer Security Assessments With DarkIQ Dark Web Monitoring - [Searchlight Cyber Announces Secure Virtual Browser For Cyber Investigators to Safely Access the Dark Web](https://slcyber.io/press/searchlight-cyber-announces-secure-virtual-browser-for-cyber-investigators-to-safely-access-the-dark-web-2/) - Searchlight Cyber has launched Stealth Browser - a secure virtual machine to safely access the dark web & conduct investigations anonymously. Learn more. - [Searchlight Cyber Launches The Dark Web Academy to Upskill Cybersecurity Professionals, Law Enforcement, and Channel Partners in Dark Web Investigations](https://slcyber.io/press/searchlight-cyber-launches-the-dark-web-academy-to-upskill-cybersecurity-professionals-law-enforcement-and-channel-partners-in-dark-web-investigations/) - The Dark Web Academy, an instructor-led training course from Searchlight Cyber, provides hands-on experience in conducting dark web investigations - [Searchlight Cyber Launches The Dark Web Hub to Demystify the Dark web and Upskill Cybersecurity and Law Enforcement Professionals](https://slcyber.io/press/searchlight-cyber-launches-the-dark-web-hub-to-demystify-the-dark-web-and-upskill-cybersecurity-and-law-enforcement-professionals/) - The Dark Web Hub features intelligence on dozens of dark web sites, plus video and podcast resources on combating dark web criminality - [Arina and Searchlight Cyber Form Partnership To Bring Dark Web Investigation Solutions to the DACH Region](https://slcyber.io/press/arina-and-searchlight-cyber-form-partnership-to-bring-dark-web-investigation-solutions-to-the-dach-region/) - Arina and Searchlight Cyber will provide government, law enforcement, and corporate customers in the DACH region with new dark web investigation capabilities. - [Searchlight Cyber Bolsters DarkIQ Dark Web Monitoring Tool With More Than 450 Billion Additional Exposure Data Points](https://slcyber.io/press/searchlight-cyber-bolsters-darkiq-dark-web-monitoring-tool-with-more-than-450-billion-additional-exposure-data-points/) - New indexed, searchable, and actionable Exposure Data in DarkIQ helps investigators identify and stop cyberattacks, earlier. - [Searchlight Cyber Works with the Innocent Lives Foundation to Bring Predators to Justice](https://slcyber.io/press/searchlight-cyber-works-with-the-innocent-lives-foundation-to-bring-predators-to-justice/) - Searchlight’s Investigation Tool Helps the Innocent Lives Foundation to Identify Offenders on the Dark Web - [Semkel and Searchlight Cyber Form Strategic Partnership To Bring Dark Web Intelligence Solutions to the French Market](https://slcyber.io/press/semkel-and-searchlight-cyber-form-strategic-partnership-to-bring-dark-web-intelligence-solutions-to-the-french-market/) - Semkel, the expert in preventive cybersecurity, and Searchlight Cyber, the dark web intelligence company, sign a strategic partnership agreement in France. - [Searchlight Cyber Wins Cyber Security Emerging Vendor of the Year at the IT Europa Channel Awards](https://slcyber.io/press/searchlight-cyber-wins-emerging-vendor-of-the-year-award-at-the-it-europa-channel-awards/) - Dark web intelligence company recognized for innovative, MSSP-focused solutions in Cyber Security Emerging Vendor of the Year Award. - [Dark Web Intelligence Shows Everest Ransomware Group Increasing Initial Access Broker Activity](https://slcyber.io/press/dark-web-intelligence-shows-everest-ransomware-group-increasing-initial-access-broker-activity/) - Searchlight Cyber publishes Ransomware Spotlight report on the dark web activity of the Everest ransomware group. - [Searchlight Cyber Alerts The Banking Sector to Dark Web Threats](https://slcyber.io/press/searchlight-cyber-alerts-the-banking-sector-to-dark-web-threats/) - New Searchlight Cyber threat intelligence report demonstrates how cybercriminals persistently target the banking sector on the dark web. - [Searchlight Cyber Named as a Finalist by the SC Awards Europe and the MSP Innovation Awards](https://slcyber.io/press/searchlight-cyber-named-as-a-finalist-by-the-sc-award-europe/) - Dark Web Intelligence Company Searchlight Cyber Shortlisted By Two Prestigious Award Bodies (SC Awards Europe & MSP Innovation Awards) in One Week - [Searchlight Cyber Launches The Practitioner’s Guide To The Dark Web](https://slcyber.io/press/searchlight-cyber-launches-the-practitioners-guide-to-the-dark-web/) - The Practitioner's Guide To The Dark Web helps cybersecurity professionals and law enforcement officers demystify and navigate the dark web. - [Searchlight Cyber Shortlisted as Cyber Security Emerging Vendor of the Year at the IT Europa Channel Awards](https://slcyber.io/press/searchlight-cyber-shortlisted-as-cyber-security-emerging-vendor-of-the-year-at-the-it-europa-channel-awards/) - Searchlight Cyber has been shortlisted for Cyber Security Emerging Vendor of the Year award at the prestigious IT Europa Channel Awards 2023. - [93 Percent of Enterprise CISOs Concerned About Dark Web Threats](https://slcyber.io/press/93-percent-of-enterprise-cisos-concerned-about-dark-web-threats/) - Today Searchlight Cyber has released its new report examining how enterprise CISOs are gathering data from the dark web to improve their security posture. - [Searchlight Cyber Shortlisted in Two Categories at the UK’s Computing Security Excellence Awards](https://slcyber.io/press/searchlight-cyber-shortlisted-in-two-categories-at-the-uks-computing-security-excellence-awards/) - Searchlight’s Dark Web Intelligence innovations recognized for Enterprise Security Solution Award and Security Innovation of the Year - [Searchlight Cyber Becomes Crown Commercial Service (CCS) Supplier to UK Public Sector](https://slcyber.io/press/searchlight-cyber-becomes-crown-commercial-service-ccs-supplier-to-uk-public-sector/) - Searchlight Cyber receives prestigious UK Government accreditation to help public service organizations counter dark web threats - [Searchlight Cyber Appoints Evan Blair to Drive US Growth](https://slcyber.io/press/searchlight-cyber-appoints-evan-blair/) - Searchlight Cyber has appointed Evan Blair as General Manager, North America, as the company expands its presence in the United States. - [Searchlight Security Changes Name to Searchlight Cyber and Launches New Brand](https://slcyber.io/press/searchlight-security-changes-name-to-searchlight-cyber-and-launches-new-brand/) - Searchlight Cyber announces rebrand that reflects its status as a fast-growing cybersecurity business - [UK Cybersecurity Companies Combine Forces to Champion Next-Level Threat Intelligence](https://slcyber.io/press/uk-cybersecurity-companies-combine-forces-to-champion-next-level-threat-intelligence/) - Searchlight Security and Omniscope announce a partnership that brings next-level threat intelligence to enterprise and law enforcement ## Careers - [Senior Python Developer](https://slcyber.io/careers/senior-python-developer/) - [Finance Assistant](https://slcyber.io/careers/finance-assistant-2/) - [Security Researcher](https://slcyber.io/careers/security-research-engineer/) - [Python Developer](https://slcyber.io/careers/python-developer/) - [Customer Success Manager](https://slcyber.io/careers/customer-success-manager/) - [Executive Assistant](https://slcyber.io/careers/executive-assistant/) - [Finance Assistant](https://slcyber.io/careers/finance-assistant/) - [US Accounting Specialist](https://slcyber.io/careers/us-accounting-specialist/) - [Financial Planning & Analysis Manager](https://slcyber.io/careers/financial-planning-analysis-manager/) - [Senior Infrastructure Engineer](https://slcyber.io/careers/site-reliability-engineer/) - [Account Manager](https://slcyber.io/careers/account-manager/) - [AI Engineer](https://slcyber.io/careers/ai-engineer/) - [Browser Vulnerability Researcher](https://slcyber.io/careers/browser-vulnerability-researcher/) ## Events - [MSP Global](https://slcyber.io/events/msp-global/) - [DIC Zurich](https://slcyber.io/events/dic-zurich/) - [ISS World](https://slcyber.io/events/iss-world/) - [CyberUK](https://slcyber.io/events/cyberuk/) - [Security & Policing](https://slcyber.io/events/security-policing/) - [eCrime Congress](https://slcyber.io/events/ecrime-congress/) - [Data Connectors Dallas Cybersecurity Conference](https://slcyber.io/events/data-connectors-dallas-cybersecurity-conference/) - Join us as Data Connectors' Dallas Cybersecurity Conference to find our how dark web intelligence can improve your security posture. - [MSSP Virtual Cybersecurity Summit](https://slcyber.io/events/mssp-virtual-cybersecurity-summit/) - Join Searchlight Cyber at the MSSP Virtual Cybersecurity Summit to discover how dark web intelligence helps MSSPs strengthen threat detection and response. - [RSA Conference 2023](https://slcyber.io/events/rsa-conference-2023/) - Meet the Searchlight Cyber team at RSA! Find us on Booth #461 to find out more about dark web threat intelligence. - [ChannelCon 2025](https://slcyber.io/events/channelcon-2025/) - [TASSCC](https://slcyber.io/events/tassc/) - [Milipol](https://slcyber.io/events/milipol/) - [Owasp AppSec](https://slcyber.io/events/owasp-appsec/) - [MSSP Alert Live](https://slcyber.io/events/mssp-alert-live-2/) - [ChannelCon](https://slcyber.io/events/channelcon/) - [DIC Vienna](https://slcyber.io/events/dic-vienna/) - [Hacker Halted](https://slcyber.io/events/hacker-halted/) - [Digital Experience Benelux](https://slcyber.io/events/digital-experience-benelux/) - [HOU.SEC.CON](https://slcyber.io/events/hou-sec-con/) - [YTVC Conference](https://slcyber.io/events/ytvc-conference/) - [BSides Canberra VII](https://slcyber.io/events/bsides-canberra-vii/) - [FS-ISAC 2023 EMEA Summit](https://slcyber.io/events/fs-isac-2023-emea-summit/) - Join us at FS-ISAC's EMEA Summit in Amsterdam to find out how financial institutions can identify and prevent cyberattacks with dark web intelligence. - [FS-ISAC - FinCyber Today Summit](https://slcyber.io/events/fs-isac-fincyber-today-summit/) - Join us at FS-ISAC's FinCyber Today Summit to find out how dark web intelligence can be used to identify and prevent threats against the finance industry. - [Global CISO Institute: UK](https://slcyber.io/events/global-ciso-institute-uk/) - We are proud to be a partner of the CISO Institute event. Join us for the event in London and don't miss the talk from our Head of Threat Intelligence at 11am. - [Securing the Future of Finance](https://slcyber.io/events/securing-the-future-of-finance/) - [23rd e-Crime & Cybersecurity Congress](https://slcyber.io/events/23rd-e-crime-cybersecurity-congress/) - Join Searchlight Cyber at the 23rd e-Crime & Cybersecurity Congress to explore dark web threats and cyber risk strategies with industry-leading experts. - [RSA Conference 2025](https://slcyber.io/events/rsa-conference-2025/) - [Secure World South Florida](https://slcyber.io/events/secure-world-south-florida/) - [2025 TAGITM Annual Conference](https://slcyber.io/events/2025-tagitm-annual-conference/) - [Zywave Cyber Risk Insights London](https://slcyber.io/events/zywave-cyber-risk-insights-london/) - [InCyber Forum Europe](https://slcyber.io/events/incyber-forum-europe/) - [Security & Policing Home Office Event](https://slcyber.io/events/security-and-policing-2025/) - [Digital Investigations Conference (DIC) Zurich](https://slcyber.io/events/digital-investigations-conference-dic-zurich/) - [Searchlight Executive Briefing London](https://slcyber.io/events/searchlight-executive-briefing-london/) - Join us for an exclusive briefing, discussion, and networking around our most recent observations of the key trends in the cyber threat landscape, and the correlation between dark web exposure and cybersecurity risk. - [Searchlight Executive Dinner Florida](https://slcyber.io/events/searchlight-executive-dinner-florida/) - [EACA Cyber Crime Analysis Conference 2024](https://slcyber.io/events/eaca-cyber-crime-analysis-conference-2024/) - [MSSP Alert Live](https://slcyber.io/events/mssp-alert-live/) - [E-Crime & Cybersecurity Mid-Year Summit](https://slcyber.io/events/e-crime-cybersecurity-mid-year-summit-2/) - [Cyber Risk New York](https://slcyber.io/events/cyber-risk-new-york/) - [Gartner Security and Risk Management Summit](https://slcyber.io/events/gartner-security-and-risk-management-summit/) - Searchlight Cyber is a silver sponsor at the upcoming Gartner Security and Risk Management Summit on 23-25th September. Visit the Searchlight Cyber Booth 511. - [CyberUK 2023](https://slcyber.io/events/cyberuk-2023/) - Meet the Searchlight Cyber team at this year's Cyber UK event in Belfast - [MSP Expo](https://slcyber.io/events/msp-expo/) - Join us on Booth #159 at MSP Expo to find out how Searchlight Cyber provides MSSPs with dark web intelligence. - [Data Connectors Tampa](https://slcyber.io/events/data-connectors-tampa/) - Meet the Searchlight Cyber team at our booth at Data Connectors Tampa to find out how dark web intelligence can help you improve your cybersecurity posture. - [Cyber Summit Aberdeen](https://slcyber.io/events/cyber-summit-aberdeen/) - Join us at the Searchlight Cyber stand to find out more about dark web intelligence and how it can help you spot cyberattacks earlier in the Cyber Kill Chain. - [CISO Atlanta Summit](https://slcyber.io/events/ciso-atlanta-summit/) - We are proud to be partners of the CIO Atlanta Summit and are very excited to be participating live on the day on the topic of "Enhancing your Cybersecurity Resilience with Strategic Threat Intelligence". - [CISO Dallas Summit](https://slcyber.io/events/ciso-dallas-summit/) - We are proud to be partners of the CIO Dallas Summit and are very excited to be participating live on the day on the topic of "Enhancing your Cybersecurity Resilience with Strategic Threat Intelligence". - [InCyber Forum Europe 2024](https://slcyber.io/events/incyber-forum-europe-2024/) - [RSA Conference 2024](https://slcyber.io/events/rsa-conference-2024/) - [e-Crime and Cybersecurity Congress 2024](https://slcyber.io/events/e-crime-and-cybersecurity-congress-2024/) - Join Searchlight Cyber at the e-Crime and Cybersecurity Congress 202 in London on the 28th and 29th February and don't miss our keynote and education seminar. - [Digital Investigations Conference](https://slcyber.io/events/digital-investigations-conference-2024/) - Meet the team and don't miss Ben Jones, Searchlight Cyber's CEO talk at 14:15 on the 29th titled "Gathering Evidence from the Dark Web" where he'll demonstrate how law enforcement can track cybercriminals by connecting aliases found on the dark web, joint accounts, and other valuable information that can lead to their identification and arrest. - [Searchlight Cyber briefing, Washington](https://slcyber.io/events/searchlight-cyber-briefing-washington/) - Join Searchlight Cyber's leadership team for an exclusive security briefing, showcasing the latest dark web research and product developments. This event is by invitation only. - [Searchlight Cyber Finance Dinner](https://slcyber.io/events/searchlight-cyber-finance-dinner/) - [Arab International Cyber Summit (AICS)](https://slcyber.io/events/arab-international-cyber-summit-acis-bahrain/) - Join our CEO and Co-Founder, Ben Jones, in Bahrain on the 5th and 6th December at the Arab International Cyber Summit Bahrain. Stop by our "#003 UK Pavilion" to learn how Searchlight Cyber's dark web intelligence can help organizations spot and stop cyberattacks earlier. - [Cyber RAIDers: From Account Takeover to Ransomware](https://slcyber.io/events/cyber-raiders-from-account-takeover-to-ransomware/) - [Milipol Paris](https://slcyber.io/events/milipol-paris/) - The Searchlight Cyber team will be at the Milipol Paris event in November (14-17) discussing how governments can use dark web intelligence to increase security and mitigate threats. - [ISS World North America 2023](https://slcyber.io/events/iss-world-north-america-2023/) - Don't miss our keynote at ISS World North America 2023 - 9.10, Wednesday November 8 - on deanonymizing criminals operation on Tor. - [InCyber Forum North America](https://slcyber.io/events/incyber-forum-north-america/) - Use the link to book a meeting with us at the InCyber Forum North America in Montreal (October 25 - 26), and don't miss our Pitch Lab session on October 26 at 3:35PM. - [HouSecCon 2023](https://slcyber.io/events/houseccon-2023/) - Searchlight Cyber will be in Texas for HouSecCon this October 12-13. Join us to find out more about how dark web intelligence can be used to protect your business. - [E-Crime & Cybersecurity Mid-Year Summit](https://slcyber.io/events/e-crime-cybersecurity-mid-year-summit/) - Join us in London for the E-Crime & Cybersecurity Mid-Year Summit to learn more about how dark web intelligence improves the security posture of organizations. - [The Cyber Security Debrief](https://slcyber.io/events/the-cyber-security-debrief/) - Join our CTO Dr. Gareth Owenson and panel experts to examine the cybersecurity industry, trends in 2023, and the threat actors you need to be aware of. - [International Cyber Expo](https://slcyber.io/events/international-cyber-expo/) - Join us at the International Cyber Expo in London to find out more about how dark web intelligence. Find the Searchlight Cyber team on stand M62. - [ISS World Europe](https://slcyber.io/events/iss-world-europe/) - Join Searchlight Cyber at ISS World Europe in Prague to learn more about how criminal activity on the dark web can be countered with dark web intelligence and hear from Dr. Gareth Owenson, a world-leading dark web researcher... - [Digital Investigations Conference](https://slcyber.io/events/digital-investigations-conference/) - Meet the team at the event and don't miss our talk at 15:20 on March 2: "Advanced Dark Web Investigations" - [E-Crime and Cybersecurity Congress](https://slcyber.io/events/e-crime-and-cybersecurity-congress/) - Stop by the Searchlight Cyber stand and don't miss our CTO's session on March 2: "A Tour of Dark Web Criminality and How to Defend Yourself" - [Rocky Mountain Cyberspace Symposium](https://slcyber.io/events/rocky-mountain-cyberspace-symposium/) - Get in touch to meet us at AFCEA's Rocky Mountain Cyberspace Symposium Feb 20-23 and find out more about dark web intelligence. - [PSC Federal Law Enforcement Conference](https://slcyber.io/events/psc-federal-law-enforcement-conference/) - Meet the team at the Searchlight Cyber stand to find out more about how dark web intelligence can help law enforcement crack down on criminal activity. - [DODISS Worldwide](https://slcyber.io/events/dodiss-worldwide/) - Join us at Booth # 1654 to find out how dark web investigation capabilities can help you gather strategic intelligence. - [ISS World: Latest Updates on Investigation Techniques for Defeating TOR Hidden Services, I2P, and Zeronet](https://slcyber.io/events/iss-world-latest-updates-on-investigation-techniques-for-defeating-tor-hidden-services-i2p-and-zeronet/) - Join this ISS World webinar from our CTO and Co-Founder Dr. Gareth Owenson to find out more about dark web investigation techniques. - [Cyber UK 2022](https://slcyber.io/events/cyberuk-2022/) - [National Child Protection Task Force 2022 annual conference](https://slcyber.io/events/national-child-protection-task-force-2022-annual-conference/) - Returning to this year's NCPTF event as Platinum Sponsor, we are pleased to confirm that we will be presenting on Wednesday 29th June at 11.50 – 12.40 CT. - [Black Hat USA 2022](https://slcyber.io/events/black-hat-usa-2022/) - Visit us at booth to find out more about dark web threat intelligence, our dark web investigation and monitoring products, and building your pre-attack intelligence capabilities. - [Securing Financial Services Summit](https://slcyber.io/events/securing-financial-services-summit/) - [Black Hat Asia 2022](https://slcyber.io/events/black-hat-asia-2022/) - We will be attending this year’s, Black Hat Asia. Come and visit our Co-Founders at booth B11 to learn more about our approach to dark web intelligence and monitoring. - [ISS World Middle East 2022](https://slcyber.io/events/iss-world-middle-east-2022/) - [RSA Conference USA 2022](https://slcyber.io/events/rsa-conference-usa-2022/) - Join us at stand 1566 to put your dark web intelligence questions to the team and get a demo of our products DarkIQ and Cerberus. - [E- Crime and Cybersecurity mid-year summit](https://slcyber.io/events/e-crime-and-cybersecurity-mid-year-summit/) - Join us in London at the e-Crime & Cybersecurity Mid-Year, where our co-founder and CTO Dr Gareth Owenson will be giving a keynote speak on "Using the dark web to gather pre-attack intelligence". - [ISS World North America](https://slcyber.io/events/iss-world-north-america/) - Dr. Gareth Owenson, CTO and Co-Founder of Searchlight Security gives keynotes on Defeating the Tor Dark Web and Using Threat Intelligence to Track Malicious Infrastructure on Wednesday, November 16. ## Use Cases - [Criminal Investigation](https://slcyber.io/use-cases/criminal-investigation/) - Criminals are dealing weapons, drugs, & CSEA on the dark web. Our dark web investigation solutions enable law enforcement teams to bring criminals to justice. - [Security Operations](https://slcyber.io/use-cases/security-operations/) - Supercharge your SOC operations with Searchlight Cyber's dark web monitoring and API. Remove alert fatigue. Track dark web traffic. Identify threats earlier, - [Cyber Threat Intelligence](https://slcyber.io/use-cases/cyber-threat-intelligence/) - Use Searchlight Cyber's dark web intelligence solutions to meet cyber threat intelligence and external threat monitoring requirements. - [Ransomware](https://slcyber.io/use-cases/ransomware/) - We automatically collate dark web data from active ransomware groups. Get unprecedented insight into a gang's victims and reconnaissance activity. - [Threat Hunting](https://slcyber.io/use-cases/threat-hunting/) - Discover vulnerabilities before cybercriminals can exploit them. Listen to dark web chatter on previously undiscoverable marketplaces, forums, and hidden chats. - [Supply Chain](https://slcyber.io/use-cases/supply-chain/) - Criminals are dealing weapons, drugs, and CSEA on the dark web. Smash the status quo. Give investigators the ability to monitor and bring criminals to justice. - [Fraud](https://slcyber.io/use-cases/fraud/) - Defend against payment fraud. With dark web intelligence, detect stolen cards, data breaches, and phishing sites before they are exploited by cybercriminals. ## Dark Web Hub Posts - [Medusa](https://slcyber.io/dark-web/medusa/) - [TheGentlemen](https://slcyber.io/dark-web/thegentlemen/) - [RehubCom](https://slcyber.io/dark-web/rehubcom/) - [DamageLib](https://slcyber.io/dark-web/damagelib/) - [Kerberos [offline]](https://slcyber.io/dark-web/kerberos/) - Kerberos is a dark web market that began operation in 2022 and maintains a substantial userbase of vendors and customers, predominantly trading in drugs and stolen logins. - [LeakBase [offline]](https://slcyber.io/dark-web/leakbase/) - LeakBase is a relative newcomer that gained popularity during the period of BreachForum disruption as an alternative source of hacked or leaked databases. - [Abacus [offline]](https://slcyber.io/dark-web/abacus-offline/) - Abacus set up shop in 2021 and quickly grew to become one of the most popular Western darknet markets, particularly with Australian vendors and buyers. - [Sinobi](https://slcyber.io/dark-web/sinobi/) - Sinobi began activity in June 2025, and has since maintained a consistent rhythm of attacks against a range of industries and geographies. - [RAMP](https://slcyber.io/dark-web/ramp/) - The RAMP cybercrime forum is also considered “friendly” to Exploit and XSS, with one key differentiator: the forum widely accepts discussions about ransomware. - [BreachForums](https://slcyber.io/dark-web/breachforums/) - BreachForums is the successor to RaidForums, a site that was seized in operation “TOURNIQUET”. - [DragonForce](https://slcyber.io/dark-web/dragonforce/) - DragonForce emerged in late 2023, and since then has repeatedly proved itself as a force to reckoned with. Originally a hacktivist operation, DragonForce pivoted to a RaaS model and has since innovated on the concept. - [BlackOps](https://slcyber.io/dark-web/blackops/) - BlackOps launched in September 2024. Its product offerings are fairly standard, though one quirk is that the number of digital products for sale exceeds its drug-related listings. - [Torzon](https://slcyber.io/dark-web/8base-2/) - Torzon launched in September 2022, its primary offerings are standard: drugs, fraud, counterfeits and digital products. - [RansomHub [offline]](https://slcyber.io/dark-web/ransomhub/) - Despite only emerging in February 2024, RansomHub has quickly become one of the most active RaaS operations tracked by the Searchlight threat intelligence team. - [BlackSuit [offline]](https://slcyber.io/dark-web/blacksuit/) - The BlackSuit ransomware code is notable for its similarity to the Royal ransomware strain. It's highest-profile attack is thought to be against CDK Global. - [BlackBasta [offline]](https://slcyber.io/dark-web/blackbasta/) - BlackBasta is a ransomware operation that is notable for its high volume of attacks, use of custom tools, and suspected links to cybercriminal group FIN7. - [8Base [offline]](https://slcyber.io/dark-web/8base/) - 8Base uses a variant of Phobos ransomware, modified to append a ".8base" extension and its leak site bears similarities to RansomHouse operation. - [OnniForums [offline]](https://slcyber.io/dark-web/onniforums/) - OnniForums was launched in early 2023 and claims to already have 10,000 members. the forum is aimed at database leakers, malware developers, and drug users. - [MGM Grand [offline]](https://slcyber.io/dark-web/mgm-grand/) - MGMGrand is another long-standing market, setting up shop in 2021. Its main category of products is Drugs, with sizeable sections for Fraud and Digital Goods. - [Archetyp [offline]](https://slcyber.io/dark-web/archetyp/) - The Acryptyp marketplace: Explore the dark web site's listings, users, and known admins. - [BidenCash [offline]](https://slcyber.io/dark-web/bidencash/) - BidenCash specializes in the sale of payment card data. In spite of the use of his name and image, it is highly unlikely to be associated with the US President. - [2easy [offline]](https://slcyber.io/dark-web/2easy/) - 2Easy specializes in the sale of “logs” - data that is stored in the web browser, such as site credentials, cookies, and autofill form data - which can be used to digitally impersonate an individual. - [Everest](https://slcyber.io/dark-web/everest/) - Everest has been around since at least 2020, making it one of the oldest ransomware operations still active after LockBit and Cl0p. - [Lynx](https://slcyber.io/dark-web/lynx/) - Lynx is a ransomware group that appeared in 2024 which is believed to be derived from IncRansom. - [Safepay](https://slcyber.io/dark-web/safepay/) - Safepay was first discovered in late 2024 and have been seen abusing compromised credentials to eventually deploy ransomware ever since. - [IncRansom](https://slcyber.io/dark-web/incransom/) - IncRansom is a ransomware group that has been active since at least mid-2023. The group is known to exploit technical vulnerabilities as well as use social engineering techniques to gain access to networks. - [DarkForums](https://slcyber.io/dark-web/darkforums/) - A spiritual successor to the RaidForums/BreachForums lineage, DarkForums has grown to become the top destination for selling and sharing stolen databases. - [LockBit](https://slcyber.io/dark-web/lockbit/) - LockBit was the most active ransomware group by number of listed victims on its dark web leak site in 2022 and 2023. - [XSS](https://slcyber.io/dark-web/xss/) - Originally known as DaMaGeLaB, XSS is one of the longest-running dark web forums. Its new name is a reference to the well known web app vulnerability. - [Cracked](https://slcyber.io/dark-web/cracked/) - The Cracked Forum: Explore the dark web site's contents, its userbase, and the topics covered on the hacking forum. - [Vice Society [offline]](https://slcyber.io/dark-web/vice-society/) - The Vice Society ransomware group stopped posting victims to its dark web leak site in June 2023 and went offline in December. - [How can you identify ransomware operators targeting you on the dark web?](https://slcyber.io/dark-web/how-can-you-identify-ransomware-operators-targeting-you-on-the-dark-web/) - Ransomware groups use the dark web for multiple phases of their operations. - [Cl0p](https://slcyber.io/dark-web/cl0p/) - CL0P ransomware group: Explore their dark web leaks, extortion tactics, and victim trends with data-driven insights from Searchlight Cyber. - [Akira](https://slcyber.io/dark-web/akira/) - Akira ransomware group: Explore their dark web presence, tactics, and victimology with insights from Searchlight Cyber’s threat intelligence platform. - [How do you identify cyberattacks against your supply chain?](https://slcyber.io/dark-web/how-do-you-identify-cyberattacks-against-your-supply-chain/) - Learn how to identify cyberattacks targeting your supply chain using dark web intelligence. Detect threats early and strengthen third-party risk management. - [Qilin](https://slcyber.io/dark-web/qilin/) - Qilin gained notoriety in mid-2024 following an attack on pathology service provider Synnovis, which had debilitating effects on several hospitals in London - [Royal [offline]](https://slcyber.io/dark-web/royal/) - Royal initially used third-party ransomware including BlackCat and Zeon before developing its own malware, written in C++, which infects Windows systems. - [BlackCat [offline]](https://slcyber.io/dark-web/blackcat/) - The RaaS group BlackCat (also known as ALPHV or Noberus) is believed to include developers and money launderers from the former DarkSide ransomware group, most infamous for the Colonial Pipeline attack. - [PutinCash [offline]](https://slcyber.io/dark-web/putincash/) - No doubt inspired by TrumpsDumps and BidenCash, PutinCash is another autoshop named after a world leader offering credit card details and dumps. - [Genesis [offline]](https://slcyber.io/dark-web/genesis/) - On April 5 2023, the Genesis market was seized as part of the international law enforcement crackdown dubbed “Operation Cookie Monster". - [We The North](https://slcyber.io/dark-web/we-the-north/) - We The North caters exclusively to Canadian sellers and buyers. The market promotes this focus as increasing reliability due to the lack of border checks. - [DrugHub](https://slcyber.io/dark-web/drughub/) - DrugHub's creators claim to be former staff members of WhiteHouseMarket, an extremely popular dark web market which closed its doors in October 2022. - [Tor2Door [offline]](https://slcyber.io/dark-web/tor2door/) - In September 2023 the Tor2Door site - at the time one of the biggest marketplaces - closed. It is widely believed that the operators have exit-scammed. - [Nemesis [offline]](https://slcyber.io/dark-web/nemesis/) - Nemesis is rare among escrow markets for not having drugs as the top product category. Most common listing classifications are guides, tutorials, and carding. - [Incognito [offline]](https://slcyber.io/dark-web/incognito/) - All of the listings on Incognito market are drugs related, with no digital or fraud products. - [Cypher [offline]](https://slcyber.io/dark-web/cypher/) - Cypher boasts the longest uptime on this list, setting up shop in February 2020. Its primary drug listings are for stimulants and cannabis. - [Bohemia [offline]](https://slcyber.io/dark-web/bohemia/) - With the closure of major alternatives, Bohemia took pole position as the one of the most popular dark web markets in 2023. However, quickly cracks began to show. - [ASAP [offline]](https://slcyber.io/dark-web/asap/) - In July 2023 ASAP’s administrator announced on the dark web forum Dread that the marketplace was retiring. ASAP was the biggest market by listing volume so it left a big gap to fill. - [DarkMatter](https://slcyber.io/dark-web/darkmatter/) - While it’s considerably smaller in size than other markets featured, DarkMatter has been consistently building a user base while avoiding the typical scandals. - [PatrickStash](https://slcyber.io/dark-web/patrickstash/) - PatrickStash has two categories, Cards and Cards NoVBV (short for Verified By Visa. The site's forum representative is very active in advertising the shop. - [BriansClub](https://slcyber.io/dark-web/briansclub/) - With its inception in 2014, BriansClub is the oldest autoshop on this list and sells a range of fraud products, including CVVs, fullz, and dumps. - [Bahira](https://slcyber.io/dark-web/bahira/) - Bahira has generated buzz in both Russian and English-speaking dark web spaces and boasts the sale of both card details and dumps). - [Rhysida](https://slcyber.io/dark-web/rhysida/) - Rhysida is noteworthy for its focus on organizations in the education industry, followed by those in health care equipment & services, and the public sector. - [What is the dark web?](https://slcyber.io/dark-web/what-is-the-dark-web/) - Our founders Dr. Gareth Owenson and Ben Jones explain how the dark web works. - [How do you investigate criminal activity on the dark web?](https://slcyber.io/dark-web/how-do-you-investigate-criminal-activity-on-the-dark-web/) - Dr. Gareth Owenson talks about the techniques that investigators can use to identify criminal activity on the dark web. - [How can companies preempt and prevent cyberattacks?](https://slcyber.io/dark-web/how-can-companies-preempt-and-prevent-cyberattacks/) - This video examines the "pre-attack" activity on the dark web and how this threat intelligence gives defenders a chance to prevent cyberattacks. - [Play](https://slcyber.io/dark-web/play/) - Play keeps a fairly low profile on the dark web aside from its leak site, not advertising via forum accounts and fending off accusations it has a RaaS model. - [RuTor](https://slcyber.io/dark-web/rutor/) - RuTor has been a prominent forum in the Russian dark web scene since 2015, with threads that span multiple pages - and years - on topics ranging from drugs, fraud, computer programming and current affairs. - [Exploit](https://slcyber.io/dark-web/exploit/) - Exploit is an extremely long-running Russian cybercrime forum. Exploit and other Russian forums tend to view themselves as more professional than other dark web communities. - [Dread](https://slcyber.io/dark-web/dread/) - Dread is a dark web forum that was born out of Reddit’s clampdown on discussions around dark web markets. - [RussianMarket](https://slcyber.io/dark-web/russianmarket/) - RussianMarket specializes in the sale of “logs”, CVVs, dumps and RDP access. Unsurprisingly, it is suspected to be of Russian origin. - [BlackPass](https://slcyber.io/dark-web/blackpass/) - BlackPass specializes in stolen login details needed to hijack e-commerce accounts rather than card details. Some accounts have PII associated with them such as the victim’s name, country, ZIP code, and phone number. ## Podcasts - [Ransomware Landscape Update: More Groups, More Victims](https://slcyber.io/podcasts/ransomware-landscape-update-more-groups-more-victims/) - Tune into Searchlight Cyber’s latest podcasts for expert insight on the ransomware landscape, based on a new report into ransomware activity in H1 2025. - [The Qilin Ransomware Group vs The National Health Service](https://slcyber.io/podcasts/the-qilin-ransomware-group-vs-the-national-health-service/) - This episode of The Dark Dive podcast looks at the Qilin ransomware group's attack on the NHS. Or - more accurately - their ransomware attack against Synnovis. - [The Correlation Between Dark Web Exposure and Cybersecurity Risk](https://slcyber.io/podcasts/the-correlation-between-dark-web-exposure-and-cybersecurity-risk/) - The Dark Dive Podcast is joined by the Marsh McLenan Cyber Risk Intelligence Center discuss a landmark study quantifying the impact of dark web exposure. - [Encrypted Communication Apps: From Telegram to EncroChat](https://slcyber.io/podcasts/encrypted-communication-apps-from-telegram-to-encrochat/) - This episode of The Dark Dive podcast focuses on encrypted communication apps, including Telegram, Tox, Signal, Session, and Jabber. - [ASM in the Age of CTEM](https://slcyber.io/podcasts/asm-in-the-age-of-ctem/) - In this episode of The Dark Dive we examine Continuous Threat Exposure Management (CTEM) as an evolution of Attack Surface Management (ASM). - [A Deep Dive Into The LockBit Data Leaks](https://slcyber.io/podcasts/a-deep-dive-into-the-lockbit-data-leaks/) - The Searchlight Cyber threat intelligence team shares its analysis of the LockBit data leaks. - [Ransomware Gangs on the Dark Web](https://slcyber.io/podcasts/ransomware-gangs-on-the-dark-web/) - Delve into the operations of ransomware gangs on the dark web. This Searchlight Cyber podcast reveals their tactics, tools, and how to stay ahead of threats. - [Combatting Dark Web Criminality](https://slcyber.io/podcasts/combatting-dark-web-criminality/) - Explore how law enforcement and cybersecurity experts combat dark web criminality in this Searchlight Cyber podcast episode featuring real-world insights. - [Dark Web Threats Against Individuals](https://slcyber.io/podcasts/dark-web-threats-against-individuals/) - In this episode of The Dark Dive we look at how specific individuals - Executives, VIPs, and high-net worths - are targeted by cybercriminals on the dark web. - [Hacktivism](https://slcyber.io/podcasts/hacktivism/) - This month's episode of The Dark Dive tackles the thorny issue of hacktivism: hackers that are driven by ideological - rather than financial - motivations. - [Attack Surface Management 101](https://slcyber.io/podcasts/attack-surface-management-101/) - In this month's episode of The Dark Dive we're joined by the co-founders of Assetnote to discuss the fundamentals of Attack Surface Management. - [The Dark Web in 2025](https://slcyber.io/podcasts/the-dark-web-in-2025/) - We've assembled two of Searchlight Cyber's threat intelligence experts to give their take on what we can expect from the dark web in 2025. - [Infostealers on the Dark Web](https://slcyber.io/podcasts/infostealers-on-the-dark-web/) - This episode of The Dark Dive podcast focuses on infostealers - information stealing malware that we see circulating on the dark web. - [Responding to a Cyberattack](https://slcyber.io/podcasts/responding-to-a-cyberattack/) - Former IBM X-Force lead Caleb Barlow joins Luke Donovan on The Dark Dive podcast to discuss how organizations should respond to a cyberattack. - [The Dark Dive Trailer](https://slcyber.io/podcasts/the-dark-dive-trailer/) - Introducing The Dark Dive, the podcast that demystifies the dark web. - [How the Dark Web Works](https://slcyber.io/podcasts/how-the-dark-web-works/) - We start The Dark Dive podcast series with the question: what is the dark web? - [Dark Web Hacking Forums](https://slcyber.io/podcasts/dark-web-hacking-forums/) - How do dark web hacking forums differ from regular internet forums? - [Dark Web Marketplaces](https://slcyber.io/podcasts/dark-web-marketplaces/) - In this episode of The Dark Dive we look at the types of goods that are sold on dark web marketplaces. - [Cryptomixers, Linksites, and Dark Web Search Engines](https://slcyber.io/podcasts/cryptomixers-linksites-and-dark-web-search-engines/) - This episode of The Dark Dive looks at the "service providers" that facilitate criminal activity on the dark web. - [Dark Web Data Leaks](https://slcyber.io/podcasts/dark-web-data-leaks/) - We discuss noteworthy dark web data leaks over the years - including 23andMe, Ashley Madison, Yahoo!, and Ticketmaster - all the way up to the present day. - [The LockBit Takedown](https://slcyber.io/podcasts/the-lockbit-takedown/) - The Dark Dive podcast takes a forensic look at Operation Cronos, the international law enforcement takedown of the LockBit ransomware group. ## Research - [Keys to the Kingdom: Anonymous SQL Injection in Drupal Core (CVE-2026-9082)](https://slcyber.io/research-center/keys-to-the-kingdom-anonymous-sql-injection-in-drupal-core-cve-2026-9082/) - Inside SA-Core2026-004 On the 20th of May, the Drupal Security Team released SA-CORE-2026-004 (CVE-2026-9082), a Highly critical (20/25) SQL injection in Drupal core. The issue is reachable by fully anonymous users on any deployment that backs Drupal with PostgreSQL. It was reported upstream by Michael Maturi and a fix shipped across every supported branch (11.3.10, - [New Age of Collisions: Reading Arbitrary Files Pre-Auth as root in cPanel (CVE-2026-29205)](https://slcyber.io/research-center/new-age-of-collisions-reading-arbitrary-files-pre-auth-as-root-in-cpanel-cve-2026-29205/) - Times Are Changing These last few months have been super weird. We've ended up in a situation several times where we have learnt that an exploits life cycle has significantly been reduced due to the introduction of frontier models that are extremely capable at picking apart software that can be obscure in nature, such as - [Ghosts of Encryption Past - How we Read All Your Emails in Salesforce Marketing Cloud](https://slcyber.io/research-center/ghosts-of-encryption-past-salesforce-exacttarget/) - Have you noticed that almost every marketing email you receive looks somewhat similar, or has functionality that seems centralised? This is because most corporations have moved to some form of marketing cloud to facilitate sending mass email campaigns. This shift appears to have happened in the last 10-15 years, and it doesn't seem to be - [High Fidelity Check for the cPanel Authentication Bypass (CVE-2026-41940)](https://slcyber.io/research-center/high-fidelity-check-for-the-cpanel-authentication-bypass-cve-2026-41940/) - Less than 24 hours ago, an advisory was released for a complete authentication bypass in cPanel. Successful exploitation allows an unauthenticated attacker to get a login session of any user, including the all-powerful root user via WHM. We have seen PoCs and detections proliferate over Github in the rush to both exploit and defend against - [Magento PolyShell - Unauthenticated File Upload to RCE in Magento (APSB25-94)](https://slcyber.io/research-center/magento-polyshell-unauthenticated-file-upload-to-rce-in-magento-apsb25-94/) - Magento remains one of the most popular e-commerce solutions in use on the internet, estimated to be running on more than 130,000 websites. It is also offered as an enterprise offering by Adobe under the name Adobe Commerce. On March 17th 2026, Sansec released new research dubbed PolyShell (APSB25-94), an unauthenticated unrestricted file upload vulnerability - [Hyoketsu - Solving the Vendor Dependency Problem in RE](https://slcyber.io/research-center/hyoketsu-solving-the-vendor-dependency-problem-in-re/) - The Long Decompilation Process Over the last eight or so years of performing security research at Assetnote, our research team has looked at countless enterprise applications that ship with hundreds, sometimes thousands, of vendor dependencies. This problem tends to be worse in larger enterprise applications that follow the typical Java/C# monolith approach, and it has - [Breaking Oracle's Identity Manager: Pre-Auth RCE (CVE-2025-61757)](https://slcyber.io/research-center/breaking-oracles-identity-manager-pre-auth-rce/) - Intro Earlier this year, in January, Oracle Cloud's login service (login.us2.oraclecloud.com) was breached—this led to the compromise of 6M records and over 140k Oracle Cloud tenants. Analysis showed that the threat actor had exploited an older CVE (CVE-2021-35587) to achieve RCE on this host before exfiltrating all credentials. This marked one of the most significant - [Almost Impossible: Java Deserialization Through Broken Crypto in OpenText Directory Services](https://slcyber.io/research-center/almost-impossible-java-deserialization-through-broken-crypto-in-opentext-directory-services/) - Introduction We recently found ourselves looking into OpenText Directory Services (OTDS). We had seen it present on our customer's attack surface, and it seemed to be an interesting target. OTDS is a Java web application providing authentication and user management for OpenText applications. OpenText provides a number of information management products, and finding a security - [High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478)](https://slcyber.io/research-center/high-fidelity-detection-mechanism-for-rsc-next-js-rce-cve-2025-55182-cve-2025-66478/) - This morning, an advisory was released for Next.js about a vulnerability that leads to RCE in default configurations, with no prerequisites. The root cause of this issue lies in React Server Components, which Next.js utilizes. Over the last day, we have noticed an incredible amount of incorrect PoCs floating around on GitHub that do not - [Sitecore: Unsafe Deserialisation Again! (CVE-2025-27218)](https://slcyber.io/research-center/sitecore-unsafe-deserialisation-again-cve-2025-27218/) - Learn the Sitecore unsafe deserialization vulnerability CVE-2025-27218. Understand the cause, impact, payload generation, and exploitation risks uncovered in Assetnote’s security research. - [Why nested deserialization is STILL harmful - Magento RCE (CVE-2025-54236)](https://slcyber.io/research-center/why-nested-deserialization-is-still-harmful-magento-rce-cve-2025-54236/) - Magento is still one of the most popular e-commerce solutions in use on the internet, estimated to be running on more than 130,000 websites. It is also offered as an enterprise offering by Adobe under the name Adobe Commerce, which receives automatic patching. Another critical vulnerability has been announced in Magento / Adobe Commerce: CVE-2025-54236, - [Doing the Due Diligence: Analyzing the Next.js Middleware Bypass (CVE-2025-29927)](https://slcyber.io/research-center/doing-the-due-diligence-analysing-the-next-js-middleware-bypass-cve-2025-29927/) - Discover insights into the Next.js Middleware Bypass (CVE-2025-29927). Learn its impact, risks, and mitigation strategies from Searchlight Cyber experts - [Loose Types Sink Ships: Pre-Authentication SQL Injection in Halo ITSM](https://slcyber.io/research-center/loose-types-sink-ships-pre-authentication-sql-injection-in-halo-itsm/) - Discover how a pre-authentication SQL Injection in Halo ITSM exposes critical risks. Learn the impact, exploitation details, and security takeaways. - [Novel SSRF Technique Involving HTTP Redirect Loops](https://slcyber.io/research-center/novel-ssrf-technique-involving-http-redirect-loops/) - It's difficult to show impact for Server-Side Request Forgery (SSRF) vulnerabilities when you cannot see the full HTTP response. Our research team details a novel technique that allowed for us to leak the full HTTP response, even though the SSRF seemed like it was blind. - [How we got persistent XSS on every AEM cloud site, thrice](https://slcyber.io/research-center/how-we-got-persistent-xss-on-every-aem-cloud-site-thrice/) - Adobe Experience Manager is marketed as an 'enterprise grade' CMS and is one of the most popular CMSes among large companies. If you visit the landing page of a large corporate site, chances are it may be running AEM under the hood. AEM started as a standalone, self hosted application, but in recent years Adobe - [Abusing Windows, .NET quirks, and Unicode Normalization to exploit DNN (DotNetNuke)](https://slcyber.io/research-center/abusing-windows-net-quirks-and-unicode-normalization-to-exploit-dnn-dotnetnuke/) - A pre-authentication vulnerability exists within DotNetNuke versions 6.0 to 10.0.1, assigned CVE-2025-52488, that allows attackers to steal NTLM hashes. - [RCE in the Most Popular Survey Software You've Never Heard Of](https://slcyber.io/research-center/rce-in-the-most-popular-survey-software-youve-never-heard-of/) - Searchlight Cyber uncovers remote code execution (RCE) vulnerability in survey software Lighthouse Studio, from Sawtooth Software - [A Novel Technique for SQL Injection in PDO's Prepared Statements](https://slcyber.io/research-center/a-novel-technique-for-sql-injection-in-pdos-prepared-statements/) - Searchlight Cyber's Security Research team details a Novel Technique for SQL Injection in PDO's Prepared Statements. - [How We Accidentally Discovered a Remote Code Execution Vulnerability in ETQ Reliance](https://slcyber.io/research-center/how-we-accidentally-discovered-a-remote-code-execution-vulnerability-in-etq-reliance/) - Note: In correspondence with Hexagon while disclosing the bugs below, they informed us that any sharing of source code would be considered a violation of their terms and license. The Java code has been replaced with similar code that illustrates the flow of the application and names have been changed. It seems that vulnerability research - [Struts Devmode in 2025? Critical Pre-Auth Vulnerabilities in Adobe Experience Manager Forms](https://slcyber.io/research-center/struts-devmode-in-2025-critical-pre-auth-vulnerabilities-in-adobe-experience-manager-forms/) - Vulnerabilities in AEM Forms The Searchlight Cyber Research Team discovered and disclosed three critical vulnerabilities in Adobe Experience Manager Forms to Adobe in late April 2025. As of writing this research post, 90 days have passed since our disclosure to Adobe. During this time, Adobe has only released a patch for one of the three - [Secondary Context Path Traversal in Omnissa Workspace ONE UEM](https://slcyber.io/research-center/secondary-context-path-traversal-in-omnissa-workspace-one-uem/) - Secondary Context Path Traversal vulnerability in Omnissa Workspace One UEM (CVE-2025-25231) that leads to pre-auth API access as a super admin. - [Finding Critical Bugs in Adobe Experience Manager](https://slcyber.io/research-center/finding-critical-bugs-in-adobe-experience-manager/) - Adobe Experience Manager is one of the most popular CMSes around. Given its widespread use throughout the enterprise, you likely interact with AEM-based sites almost every day. From a security perspective, AEM presents an interesting target. AEM's popularity suggests that the impact of security issues or misconfigurations should be far-reaching. Still, the heavy customization and - [Nginx/Apache Path Confusion to Auth Bypass in PAN-OS (CVE-2025-0108)](https://slcyber.io/research-center/nginx-apache-path-confusion-to-auth-bypass-in-pan-os-cve-2025-0108/) - A few months ago, the news broke that CVE-2024-0012 and CVE-2024-9474 were under active exploitation in Palo Alto’s firewall. Described as a combination of an auth bypass and command execution, successful exploitation led to root on the affected devices. At Assetnote, we not only wrote checks for the vulnerability but also had a look into - [Uncovering Critical Vulnerabilities in Magento: A Deep Dive](https://slcyber.io/research-center/uncovering-critical-vulnerabilities-in-magento-a-deep-dive/) - Explore a deep dive into critical Magento vulnerabilities. Learn how attackers exploit flaws and how security teams can strengthen defenses. - [Chaining Three Bugs to Access All Your ServiceNow Data (Live Q&A)](https://slcyber.io/research-center/chaining-three-bugs-to-access-all-your-servicenow-data-live-qa/) - In this live Q&A, Assetnote security researcher Adam Kues explains his approach to how he found three ServiceNow vulnerabilities. - [A Deep Dive into Three ServiceNow Vulnerabilities](https://slcyber.io/research-center/a-deep-dive-into-three-servicenow-vulnerabilities/) - Security Researcher Adam Kues spent over a month finding ServiceNow Vulnerabilities and was credited with CVE-2024-4879, CVE-2024-5178, and CVE-2024-5217. ## eBooks - [ASM in the age of CTEM](https://slcyber.io/ebooks/asm-in-the-age-of-ctem/) - Discover how Attack Surface Management powers Continuous Threat Exposure Management (CTEM) to protect against evolving cyber risks. ## Categories - [Uncategorized](https://slcyber.io/category/uncategorized/) - [Ransomware](https://slcyber.io/category/ransomware/) - [Supply Chain](https://slcyber.io/category/supply-chain/) - [Pre-Attack Intelligence](https://slcyber.io/category/pre-attack-intelligence/) - [Threat Intelligence](https://slcyber.io/category/threat-intelligence/) - [Financial Services](https://slcyber.io/category/financial-services/) - [About The Dark Web](https://slcyber.io/category/about-the-dark-web/) - [Law Enforcement](https://slcyber.io/category/law-enforcement/) - [MSSPs](https://slcyber.io/category/mssps/) - [Critical National Infrastructure](https://slcyber.io/category/critical-national-infrastructure/) - [Government](https://slcyber.io/category/government/) - [Report](https://slcyber.io/category/report/) - [Energy Industry](https://slcyber.io/category/energy-industry/) - [News](https://slcyber.io/category/news/) - [Dark Web Forums](https://slcyber.io/category/dark-web-forums/) - [AI](https://slcyber.io/category/ai/) - [Dark Web Markets](https://slcyber.io/category/dark-web-markets/) - [Compliance](https://slcyber.io/category/compliance/) - [ASM](https://slcyber.io/category/asm/) - [CTEM](https://slcyber.io/category/ctem/) - [Product Updates](https://slcyber.io/category/product-updates/) - [Cyber Risk](https://slcyber.io/category/cyber-risk/) - [Preemptive Threat Exposure Management](https://slcyber.io/category/preemptive-threat-exposure-management/) ## Tags - [Threat Intelligence](https://slcyber.io/tag/threat-intelligence/) - [Ransomware](https://slcyber.io/tag/ransomware/) - [LAPSUS$](https://slcyber.io/tag/lapsus/) - [Threat Actors](https://slcyber.io/tag/threat-actors/) - [Dark Web Marketplaces](https://slcyber.io/tag/dark-web-marketplaces/) - [Takedowns](https://slcyber.io/tag/takedowns/) - [Hydra](https://slcyber.io/tag/hydra/) - [Dread](https://slcyber.io/tag/dread/) - [I2P](https://slcyber.io/tag/i2p/) - [Tor](https://slcyber.io/tag/tor/) - [Dark Web Networks](https://slcyber.io/tag/dark-web-networks/) - [NCSC](https://slcyber.io/tag/ncsc/) - [Supply Chain](https://slcyber.io/tag/supply-chain/) - [MFA](https://slcyber.io/tag/mfa/) - [Cl0p](https://slcyber.io/tag/cl0p/) - [CNI](https://slcyber.io/tag/cni/) - [BlackCat](https://slcyber.io/tag/blackcat/) - [Sandworm](https://slcyber.io/tag/sandworm/) - [Executive Threat](https://slcyber.io/tag/executive-threat/) - [Doxxing](https://slcyber.io/tag/doxxing/) - [Leak Sites](https://slcyber.io/tag/leak-sites/) - [Fraud](https://slcyber.io/tag/fraud/) - [Insider Threat](https://slcyber.io/tag/insider-threat/) - [NATO](https://slcyber.io/tag/nato/) - [Military](https://slcyber.io/tag/military/) - [adrastea](https://slcyber.io/tag/adrastea/) - [MSSPs](https://slcyber.io/tag/mssps/) - [Security Audit](https://slcyber.io/tag/security-audit/) - [DarkSide](https://slcyber.io/tag/darkside/) - [LockBit](https://slcyber.io/tag/lockbit/) - [Finance](https://slcyber.io/tag/finance/) - [MITRE ATT&CK](https://slcyber.io/tag/mitre-attck/) - [Cyber Kill Chain](https://slcyber.io/tag/cyber-kill-chain/) - [Shift Left](https://slcyber.io/tag/shift-left/) - [Pre-Attack](https://slcyber.io/tag/pre-attack/) - [Reconnaissance](https://slcyber.io/tag/reconnaissance/) - [Dark Web Intelligence](https://slcyber.io/tag/dark-web-intelligence/) - [Tech Jobs](https://slcyber.io/tag/tech-jobs/) - [Cyber Skills](https://slcyber.io/tag/cyber-skills/) - [Cyber Skill Gap](https://slcyber.io/tag/cyber-skill-gap/) - [Law Enforcement](https://slcyber.io/tag/law-enforcement/) - [Child Protection](https://slcyber.io/tag/child-protection/) - [Dark Web Investigation](https://slcyber.io/tag/dark-web-investigation/) - [Autoshops](https://slcyber.io/tag/autoshops/) - [Malware](https://slcyber.io/tag/malware/) - [Phishing](https://slcyber.io/tag/phishing/) - [Dark Web Traffic](https://slcyber.io/tag/dark-web-traffic/) - [Conti](https://slcyber.io/tag/conti/) - [Dark Web Forums](https://slcyber.io/tag/dark-web-forums/) - [Deep Web](https://slcyber.io/tag/deep-web/) - [Telegram](https://slcyber.io/tag/telegram/) - [MSSP](https://slcyber.io/tag/mssp/) - [Research](https://slcyber.io/tag/research/) - [Report](https://slcyber.io/tag/report/) - [Vice Society](https://slcyber.io/tag/vice-society/) - [Ransomware Spotlight](https://slcyber.io/tag/ransomware-spotlight/) - [Webinar](https://slcyber.io/tag/webinar/) - [Carding](https://slcyber.io/tag/carding/) - [CISO](https://slcyber.io/tag/ciso/) - [Enterprise security](https://slcyber.io/tag/enterprise-security/) - [survey](https://slcyber.io/tag/survey/) - [Stealth Browser](https://slcyber.io/tag/stealth-browser/) - [Cerberus](https://slcyber.io/tag/cerberus/) - [Virtual machines](https://slcyber.io/tag/virtual-machines/) - [energy industry](https://slcyber.io/tag/energy-industry/) - [Threat model](https://slcyber.io/tag/threat-model/) - [Threat modeling](https://slcyber.io/tag/threat-modeling/) - [Initial access brokers](https://slcyber.io/tag/initial-access-brokers/) - [Zero day](https://slcyber.io/tag/zero-day/) - [MOVEit](https://slcyber.io/tag/moveit/) - [Everest](https://slcyber.io/tag/everest/) - [ASAP](https://slcyber.io/tag/asap/) - [Drugs](https://slcyber.io/tag/drugs/) - [Banks](https://slcyber.io/tag/banks/) - [Refunding-as-a-Service](https://slcyber.io/tag/refunding-as-a-service/) - [ALPHV](https://slcyber.io/tag/alphv/) - [RaaS](https://slcyber.io/tag/raas/) - [Scattered Spider](https://slcyber.io/tag/scattered-spider/) - [Tor2Door](https://slcyber.io/tag/tor2door/) - [Exit scam](https://slcyber.io/tag/exit-scam/) - [Hactivism](https://slcyber.io/tag/hactivism/) - [DDoS](https://slcyber.io/tag/ddos/) - [Distributed-Denial-of-Service](https://slcyber.io/tag/distributed-denial-of-service/) - [Attack-For-Hire](https://slcyber.io/tag/attack-for-hire/) - [Stressers](https://slcyber.io/tag/stressers/) - [Booters](https://slcyber.io/tag/booters/) - [enterprise](https://slcyber.io/tag/enterprise/) - [Bohemia](https://slcyber.io/tag/bohemia/) - [AlphaBay](https://slcyber.io/tag/alphabay/) - [Genesis](https://slcyber.io/tag/genesis/) - [BreachForums](https://slcyber.io/tag/breachforums/) - [Exploit](https://slcyber.io/tag/exploit/) - [RAMP](https://slcyber.io/tag/ramp/) - [XSS](https://slcyber.io/tag/xss/) - [RansomedVC](https://slcyber.io/tag/ransomedvc/) - [State-sponsored actors](https://slcyber.io/tag/state-sponsored-actors/) - [APT](https://slcyber.io/tag/apt/) - [infostealers](https://slcyber.io/tag/infostealers/) - [CitrixBleed](https://slcyber.io/tag/citrixbleed/) - [Vulnerabilities](https://slcyber.io/tag/vulnerabilities/) - [Malware-as-a-Service](https://slcyber.io/tag/malware-as-a-service/) - [Social engineering](https://slcyber.io/tag/social-engineering/) - [phishing sites](https://slcyber.io/tag/phishing-sites/) - [2fa](https://slcyber.io/tag/2fa/) - [ChatGPT](https://slcyber.io/tag/chatgpt/) - [Generative AI](https://slcyber.io/tag/generative-ai/) - [XSSBot](https://slcyber.io/tag/xssbot/) - [DeFi](https://slcyber.io/tag/defi/) - [cryptocurrency](https://slcyber.io/tag/cryptocurrency/) - [crpto exchanges](https://slcyber.io/tag/crpto-exchanges/) - [DAO](https://slcyber.io/tag/dao/) - [Bridge hacks](https://slcyber.io/tag/bridge-hacks/) ## Formats - [whitepaper](https://slcyber.io/formats/whitepaper/) - [report](https://slcyber.io/formats/report/) ## Dark Web Hub Categories - [Autoshop Marketplaces](https://slcyber.io/dark-web-categories/autoshop-marketplaces/) - [Escrow Marketplaces](https://slcyber.io/dark-web-categories/escrow-marketplaces/) - [Hacking Forums](https://slcyber.io/dark-web-categories/hacking-forums/) - [Ransomware Leak Sites](https://slcyber.io/dark-web-categories/ransomware-leak-sites/) ## Resource Categories - [Sales plays and play decks](https://slcyber.io/sales-portal-dashboard/sales-plays-and-play-decks/) - Quick links to all Searchlight sales decks and supporting resources. - [Sales stories](https://slcyber.io/sales-portal-dashboard/sales-plays-and-play-decks/sales-stories/) - [Positioning and messaging](https://slcyber.io/sales-portal-dashboard/positioning-and-messaging/) - How we talk about our brand and the value it delivers to our audience. - [Product Training & Events](https://slcyber.io/sales-portal-dashboard/training-and-events/) - All the tools and content you need to sell smarter and sell more. - [Employee onboarding](https://slcyber.io/sales-portal-dashboard/onboarding/) - Close your knowledge gap with these best-practice resources - [Customer-facing resources](https://slcyber.io/sales-portal-dashboard/customer-facing-resources/) - The latest dark web intelligence reports and research from Searchlight Cyber. - [Competitor & Industry intel](https://slcyber.io/sales-portal-dashboard/industry-intel/) - Insights on the key industries and sectors Searchlight sells to. - [Reports](https://slcyber.io/sales-portal-dashboard/customer-facing-resources/reports/) - [Case studies](https://slcyber.io/sales-portal-dashboard/customer-facing-resources/case-studies/) - [Webinars](https://slcyber.io/sales-portal-dashboard/customer-facing-resources/webinars/) - [Training and enablement](https://slcyber.io/sales-portal-dashboard/training-and-events/training-and-enablement/) - [Events](https://slcyber.io/sales-portal-dashboard/training-and-events/events/) - [Competitor battlecards](https://slcyber.io/sales-portal-dashboard/industry-intel/battlecards/) - [Decks and Proposals](https://slcyber.io/sales-portal-dashboard/sales-plays-and-play-decks/decks-and-proposals/) - [Brochures](https://slcyber.io/sales-portal-dashboard/customer-facing-resources/brochures/) - [Industry Intel](https://slcyber.io/sales-portal-dashboard/industry-intel/industry-intel-industry-intel/) - [Getting started](https://slcyber.io/sales-portal-dashboard/onboarding/getting-started/) - [The Sales University](https://slcyber.io/sales-portal-dashboard/onboarding/sales-university/) - [Day #1](https://slcyber.io/sales-portal-dashboard/onboarding/sales-university/day1/) - [Day #2](https://slcyber.io/sales-portal-dashboard/onboarding/sales-university/day-2/) - [Day #3](https://slcyber.io/sales-portal-dashboard/onboarding/sales-university/day-3/) ## Research Categories - [Security research](https://slcyber.io/research-category/security-research/) - [Videos](https://slcyber.io/research-category/videos/)