Every year, the cybersecurity landscape evolves and expands with new and more sophisticated attack tactics.
Despite that, malicious actors may leave imprints that enrich threat intelligence sources. To demonstrate, TIP researchers dove into three of the most significant cybersecurity incidents of 2022. Our key findings include:
- For the Revolut Data Breach [1], we found 220+ artifacts that shared either the IoC domain’s registrant organization or text string.
- For the Lapsus$ Group Hacking Spree, we analyzed about 40 IoCs [2] and discovered 670+ artifacts connected to them through DNS resolutions. We also found another 70+ domains owned by the same registrant organizations as some of the IoCs.
- The new PayPal phishing scam [3] detected last year had more than 1,500 artifacts, particularly domains containing the string "support" and sharing the same name server used by the IoC at the time of the attack.
- [1] https://www.helpnetsecurity.com/2022/09/20/revolut-data-breach-phishing/
- [2] https://otx.alienvault.com/pulse/623dd2ae266f98dda5018fc0
- [3] https://krebsonsecurity.com/2022/08/paypal-phishing-scam-uses-invoices-sent-via-paypal/