Pro-Russian Cyber Activity: Hybrid Threats and the UK Response
An insights article assessing pro-Russian cyber activity with a situational briefing on hybrid threats to UK-aligned institutions. Includes a side-by-side comparison of key threat groups including KillNet, NoName057(16), and XakNet.
Donation-Based Ransomware Groups
An insights article comparing donation-model ransomware operators such as MalasLocker, exploring the ethics, tactics, and implications of threat actors who demand charitable giving instead of cryptocurrency payments.
Emerging Ransomware Threats and Securing Open-Source Email Infrastructure
An insights article highlighting the rise of unconventional ransomware groups targeting open-source email platforms like Zimbra, including a technical bulletin with actionable guidance for UK organisations.
The Quiet Breach: Understanding and Responding to Low-Volume Data Leak Actors
An insights article exploring the rise of low-volume data leak actors and offering a practical detection and response guide for non-encryption-based extortion threats targeting UK organisations.
Detection Advisory: ProjectRelic and Low-Noise Threat Actors in the UK and EU
A detection-focused advisory for research institutions and local governments concerned with low-noise threat actors such as ProjectRelic, including a technical bulletin on persistence, credential theft, and passive data exfiltration in academic and civic networks.
Stealth-State Actors: Silent Persistence, Slow Exfiltration, and Cloud-Based C2
An insights post exploring the stealthy methods of state-aligned threat actors, including Silent Ransom (Silk Typhoon), and how defenders can detect slow exfiltration and cloud-based command and control in enterprise environments.
