fastfire
@fastfire.bsky.social
Head of Cyber Threat Intelligence @ Würth Group, GCTI/CPENT/CEH/CND/CSA/ECSA/ECIH/CTIA, owner of SATAYO CTI platform & deepdarkCTI - member of @CuratedIntel
📌 How is the ransomware gang landscape evolving after the #RAMP forum seizure?
🔴 Another well-known forum seems to be becoming a point of reference in this field.
👉🏼 We discuss it in the article you can read at this link www.neteye-blog.com/2026/02/from...
🔴 Another well-known forum seems to be becoming a point of reference in this field.
👉🏼 We discuss it in the article you can read at this link www.neteye-blog.com/2026/02/from...
February 4, 2026 at 10:53 AM
📌 How is the ransomware gang landscape evolving after the #RAMP forum seizure?
🔴 Another well-known forum seems to be becoming a point of reference in this field.
👉🏼 We discuss it in the article you can read at this link www.neteye-blog.com/2026/02/from...
🔴 Another well-known forum seems to be becoming a point of reference in this field.
👉🏼 We discuss it in the article you can read at this link www.neteye-blog.com/2026/02/from...
With 2025 now behind us, we can make some observations regarding the landscape of double-extortion #ransomware #attacks.
❓ Which ransomware gangs were the most active?
❓ Which sectors and countries were most affected?
👉🏻 Read the full article here www.neteye-blog.com/2026/01/rans...
❓ Which ransomware gangs were the most active?
❓ Which sectors and countries were most affected?
👉🏻 Read the full article here www.neteye-blog.com/2026/01/rans...
January 2, 2026 at 1:57 PM
With 2025 now behind us, we can make some observations regarding the landscape of double-extortion #ransomware #attacks.
❓ Which ransomware gangs were the most active?
❓ Which sectors and countries were most affected?
👉🏻 Read the full article here www.neteye-blog.com/2026/01/rans...
❓ Which ransomware gangs were the most active?
❓ Which sectors and countries were most affected?
👉🏻 Read the full article here www.neteye-blog.com/2026/01/rans...
📢 Recap of what happened in #deepdarkCTI in 2025:
✅ 586 commits
✅ 35 contributors
✅ 6,400 stars on GitHub
✅ 8 articles on www.deepdarkcti.com
✅ 129 active users within the Telegram channel
✅ a total of 2,465 sources
🙏 Many thanks to the #deepdarkCTI community!
✅ 586 commits
✅ 35 contributors
✅ 6,400 stars on GitHub
✅ 8 articles on www.deepdarkcti.com
✅ 129 active users within the Telegram channel
✅ a total of 2,465 sources
🙏 Many thanks to the #deepdarkCTI community!
December 31, 2025 at 1:08 PM
📢 Recap of what happened in #deepdarkCTI in 2025:
✅ 586 commits
✅ 35 contributors
✅ 6,400 stars on GitHub
✅ 8 articles on www.deepdarkcti.com
✅ 129 active users within the Telegram channel
✅ a total of 2,465 sources
🙏 Many thanks to the #deepdarkCTI community!
✅ 586 commits
✅ 35 contributors
✅ 6,400 stars on GitHub
✅ 8 articles on www.deepdarkcti.com
✅ 129 active users within the Telegram channel
✅ a total of 2,465 sources
🙏 Many thanks to the #deepdarkCTI community!
A new interview is available on the #deepdarkCTI project blog. This time, the interview concerns the #Benzona ransomware gang.
👉 You can read the full interview here deepdarkcti.com/interview-8-...
👉 You can read the full interview here deepdarkcti.com/interview-8-...
December 23, 2025 at 11:48 PM
A new interview is available on the #deepdarkCTI project blog. This time, the interview concerns the #Benzona ransomware gang.
👉 You can read the full interview here deepdarkcti.com/interview-8-...
👉 You can read the full interview here deepdarkcti.com/interview-8-...
🔴The problem of properly integrating #Threat #Intelligence into #Security #Operations processes is a recurring one.
📌 I wrote an article in which I described the integration process we have implemented.
👉🏻 Read the article here www.neteye-blog.com/2025/11/embe...
📌 I wrote an article in which I described the integration process we have implemented.
👉🏻 Read the article here www.neteye-blog.com/2025/11/embe...
November 5, 2025 at 11:28 PM
🔴The problem of properly integrating #Threat #Intelligence into #Security #Operations processes is a recurring one.
📌 I wrote an article in which I described the integration process we have implemented.
👉🏻 Read the article here www.neteye-blog.com/2025/11/embe...
📌 I wrote an article in which I described the integration process we have implemented.
👉🏻 Read the article here www.neteye-blog.com/2025/11/embe...
Reposted by fastfire
#Ransomware 📣 NEW FEATURE
La nuova sezione RF Domain Monitor permette il monitoraggio costante dei domini sotto controllo #Ransomfeed e di deepdarkCTI project (@fastfire.bsky.social), alla ricerca di variazioni DNS e law enforcement.
1/2
La nuova sezione RF Domain Monitor permette il monitoraggio costante dei domini sotto controllo #Ransomfeed e di deepdarkCTI project (@fastfire.bsky.social), alla ricerca di variazioni DNS e law enforcement.
1/2
October 22, 2025 at 10:15 AM
#Ransomware 📣 NEW FEATURE
La nuova sezione RF Domain Monitor permette il monitoraggio costante dei domini sotto controllo #Ransomfeed e di deepdarkCTI project (@fastfire.bsky.social), alla ricerca di variazioni DNS e law enforcement.
1/2
La nuova sezione RF Domain Monitor permette il monitoraggio costante dei domini sotto controllo #Ransomfeed e di deepdarkCTI project (@fastfire.bsky.social), alla ricerca di variazioni DNS e law enforcement.
1/2
📢 We interviewed Gabi, a member of the #Cyber #Toufan group. This group, active since October 2024, has carried out several attacks against #Israeli targets.
The full interview is available at the link deepdarkcti.com/interview-7-...
The full interview is available at the link deepdarkcti.com/interview-7-...
September 3, 2025 at 8:03 PM
📢 We interviewed Gabi, a member of the #Cyber #Toufan group. This group, active since October 2024, has carried out several attacks against #Israeli targets.
The full interview is available at the link deepdarkcti.com/interview-7-...
The full interview is available at the link deepdarkcti.com/interview-7-...
📢 At deepdarkcti.com/details-of-t..., you can find a detailed timeline of the main events related to the alleged seizure of the #XSS forum.
⏰ The timeline is constantly updated, taking into account relevant events that are also occurring in recent days.
#deepdarkCTI
⏰ The timeline is constantly updated, taking into account relevant events that are also occurring in recent days.
#deepdarkCTI
August 5, 2025 at 9:11 PM
📢 At deepdarkcti.com/details-of-t..., you can find a detailed timeline of the main events related to the alleged seizure of the #XSS forum.
⏰ The timeline is constantly updated, taking into account relevant events that are also occurring in recent days.
#deepdarkCTI
⏰ The timeline is constantly updated, taking into account relevant events that are also occurring in recent days.
#deepdarkCTI
📢 A new interview is available on the #deepdarkCTI website. This time, community member #Erez interviewed the founder of the #Devman ransomware gang.
👉🏻 You can read the full interview at this link deepdarkcti.com/interview-6-...
👉🏻 You can read the full interview at this link deepdarkcti.com/interview-6-...
July 15, 2025 at 8:36 AM
📢 A new interview is available on the #deepdarkCTI website. This time, community member #Erez interviewed the founder of the #Devman ransomware gang.
👉🏻 You can read the full interview at this link deepdarkcti.com/interview-6-...
👉🏻 You can read the full interview at this link deepdarkcti.com/interview-6-...
If you want to contribute, I created this project where I'm cataloging the Telegram channels of the various groups related to the Israel-Iran conflict, shared by @cyberknow.bsky.social github.com/fastfire/Isr...
GitHub - fastfire/IsraelIranConflict: List of groups that are carrying out cyber actions in the conflict between Israel and Iran.
List of groups that are carrying out cyber actions in the conflict between Israel and Iran. - fastfire/IsraelIranConflict
github.com
June 18, 2025 at 8:31 PM
If you want to contribute, I created this project where I'm cataloging the Telegram channels of the various groups related to the Israel-Iran conflict, shared by @cyberknow.bsky.social github.com/fastfire/Isr...
📢 New Critical Vulnerabilities Disclosed for Citrix Netscaler support.citrix.com/support-home...
Loading...
support.citrix.com
June 17, 2025 at 6:49 PM
📢 New Critical Vulnerabilities Disclosed for Citrix Netscaler support.citrix.com/support-home...
We interviewed #Se7en, the founder of #Exodus #Market, a platform for selling #infostealers #logs.
Read the full interview here deepdarkcti.com/interview-5-...
Read the full interview here deepdarkcti.com/interview-5-...
June 10, 2025 at 7:34 PM
We interviewed #Se7en, the founder of #Exodus #Market, a platform for selling #infostealers #logs.
Read the full interview here deepdarkcti.com/interview-5-...
Read the full interview here deepdarkcti.com/interview-5-...
New ransomware gang #RunSomeWares DLS. 4 victims claimed. Already indexed on #deepdarkCTI
February 27, 2025 at 3:40 PM
New ransomware gang #RunSomeWares DLS. 4 victims claimed. Already indexed on #deepdarkCTI
New ransomware gang #Anubis DLS. Already indexed on #deepdarkCTI
February 24, 2025 at 11:00 PM
New ransomware gang #Anubis DLS. Already indexed on #deepdarkCTI
⚔️ New data leak site: #Kraken ransomware gang. The gang seems to be simply a rebrand of #HelloKitty, as of the 5 victim organizations already declared, 2 (Cisco and CDProject) had already been previously declared.
🎯 The DLS link has already been added to #deepdarkCTI (github.com/fastfire/dee...).
🎯 The DLS link has already been added to #deepdarkCTI (github.com/fastfire/dee...).
February 9, 2025 at 8:40 AM
⚔️ New data leak site: #Kraken ransomware gang. The gang seems to be simply a rebrand of #HelloKitty, as of the 5 victim organizations already declared, 2 (Cisco and CDProject) had already been previously declared.
🎯 The DLS link has already been added to #deepdarkCTI (github.com/fastfire/dee...).
🎯 The DLS link has already been added to #deepdarkCTI (github.com/fastfire/dee...).
Some updates regarding the #Gravy #Analytics data breach. I analyzed part of the data shared by TA #nightly on #XSS forum. Some of the numbers involved:
13473 applications
396115 ip
3317 organizations
43586 locations
11 countries
330543 partners email accounts
13473 applications
396115 ip
3317 organizations
43586 locations
11 countries
330543 partners email accounts
January 8, 2025 at 11:38 PM
Some updates regarding the #Gravy #Analytics data breach. I analyzed part of the data shared by TA #nightly on #XSS forum. Some of the numbers involved:
13473 applications
396115 ip
3317 organizations
43586 locations
11 countries
330543 partners email accounts
13473 applications
396115 ip
3317 organizations
43586 locations
11 countries
330543 partners email accounts
Happy Holidays to the amazing #deepdarkCTI community! Our project has reached 4600 stars this year, since the beginning of the project we have had 93 contributors, in the private Telegram channel there are about 100 users, we have counted over 1900 sources! Thank you all so much!
December 23, 2024 at 11:49 AM
Happy Holidays to the amazing #deepdarkCTI community! Our project has reached 4600 stars this year, since the beginning of the project we have had 93 contributors, in the private Telegram channel there are about 100 users, we have counted over 1900 sources! Thank you all so much!
If you don't already... consider following and supporting #deepdarkCTI github.com/fastfire/dee...
GitHub - fastfire/deepdarkCTI: Collection of Cyber Threat Intelligence sources from the deep and dark web
Collection of Cyber Threat Intelligence sources from the deep and dark web - fastfire/deepdarkCTI
github.com
December 10, 2024 at 9:11 PM
If you don't already... consider following and supporting #deepdarkCTI github.com/fastfire/dee...
When you work together with friends, everything is easier! #CyberSec #ThreatIntelligence
December 10, 2024 at 8:55 PM
When you work together with friends, everything is easier! #CyberSec #ThreatIntelligence