Safeguard
Tag

threat-intelligence

Safeguard articles tagged "threat-intelligence" — guides, analysis, and best practices for software supply chain and application security.

47 articles

Industry News

OpenSSF Launches SIREN: A Mailing List for Open Source Threat Intelligence

The Open Source Security Foundation introduces SIREN, a dedicated mailing list for sharing real-time threat intelligence about attacks targeting open source ecosystems.

Nov 15, 20246 min read
Ransomware

Medusa Ransomware: How Supply Chain Infiltration Became Their Signature Move

Medusa ransomware operators have refined a playbook that targets managed service providers and software vendors as stepping stones into hundreds of downstream victims.

Nov 5, 20246 min read
Threat Intelligence

Fog Ransomware: Why Schools and Universities Are Under Siege

Fog ransomware has carved a niche by targeting educational institutions — organizations with tight budgets, thin security teams, and massive attack surfaces. Here is how they operate.

Nov 5, 20246 min read
Industry Analysis

Kimsuky Developer Targeting Analysis

Kimsuky has pivoted from diplomats to developers. A look at the tradecraft behind its supply-chain-flavored operations and what engineering orgs should do about it.

Oct 10, 20246 min read
Vulnerability Management

Vulnerability Intelligence Platforms Compared for Supply Chain Security

Vulnerability intelligence platforms aggregate, enrich, and prioritize vulnerability data. This comparison examines how leading platforms handle supply chain-specific intelligence needs.

Sep 15, 20246 min read
Threat Intelligence

INC Ransom: Inside the Group Targeting Healthcare Infrastructure

INC Ransom has made healthcare a primary target, exploiting the sector's unique vulnerabilities and urgency. A deep dive into their operations and what healthcare security teams should prioritize.

Sep 15, 20246 min read
Security Concepts

Malware Types: A Practitioner's Taxonomy

A reference list of all malware types by how they spread and what they do — worms, trojans, ransomware, rootkits, and the rest — because knowing the category tells you what defense actually stops it.

Apr 22, 20246 min read
Threat Intelligence

Threat Intelligence Feeds for Supply Chain Security

Supply chain threat intelligence goes beyond CVE databases. Specialized feeds track malicious packages, compromised maintainers, and emerging attack techniques targeting the software supply chain.

Apr 5, 20245 min read
Threat Intelligence

BianLian's Pivot: From Ransomware Encryption to Pure Data Extortion

BianLian abandoned encryption entirely in favor of data theft and extortion. This shift reveals where ransomware economics are heading — and why traditional defenses are lagging behind.

Mar 10, 20246 min read
Threat Intelligence

Open Source Intelligence (OSINT) for Supply Chain Security

How OSINT techniques can uncover supply chain threats hiding in plain sight—from compromised packages to suspicious maintainer activity.

Apr 18, 20236 min read
Threat Intelligence

Dark Web Monitoring for Supply Chain Threats

Software supply chain credentials, stolen signing keys, and zero-day exploits for build tools are traded on dark web forums. Monitoring these channels provides early warning of supply chain attacks.

Jul 5, 20225 min read
threat-intelligence (Page 4) — Safeguard Blog