Flare Systems
Plateforme de cybersécurité qui surveille le dark web et le web clair pour détecter les fuites de données des entreprises.
Les signaux additionnels (documents, emplois, communiqués, contacts…) sont des bonus : leur absence est normale selon le type d'organisation et ne réduit pas la visibilité.
2 contacts
30 signaux
Automated Telegram Bot Uses One Leak to Compile a Full Dossier: From Single Email Address to Complete Victim Profile
<p>By Andréanne Bergeron, Security Researcher Data breaches are so common that they have almost become background noise. A notification email arrives, a password reset is suggested, and most people move on. This normalization is dangerous, not because individual breaches are trivial, but because it obscures how threat actors actually use stolen data. The real threat […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/automated-telegram-bot-data-aggregation">Automated Telegram Bot Uses One Leak to Compile a Full Dossier: From Single Email Address to Complete Victim Profile</a> appeared first on <a href="https://flare.io">Flare | Identity First Threat Intelligence | Unmatched Visibility into Cybercrime</a>.</p>
The Underground Economy of Illegal 2026 FIFA World Cup Streaming
<p>By Assaf Morag, Cybersecurity Researcher Illegal sports streaming platforms aren’t simple copyright infringement operations. In 2026, they represent a mature underground ecosystem combining cybercrime, malware distribution, credential theft, financial fraud, and large-scale monetization networks. Major global sporting events (including soccer leagues, UFC fights, Formula 1 races, NBA playoffs, and international tournaments) consistently drive spikes in […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/underground-economy-illegal-fifa-world-cup-streaming">The Underground Economy of Illegal 2026 FIFA World Cup Streaming</a> appeared first on <a href="https://flare.io">Flare | Identity First Threat Intelligence | Unmatched Visibility into Cybercrime</a>.</p>
KeyCat Stealer Uncovered: Inside a $40 Multi-Platform Infostealer with Telegram C2 and Active Staging Infrastructure
<p>By Sukant Kumar, Cybersecurity Researcher For $40 and a tutorial video, anyone can deploy a fully functional information stealer with credential harvesting, screen capture, Wi-Fi password extraction, file collection, persistence installation, and remote access, all controlled through a Telegram bot. KeyCat is a Python-based, multi-platform infostealer and remote access toolkit targeting both Windows and Linux […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/keycat-stealer-multi-platform-infostealer">KeyCat Stealer Uncovered: Inside a $40 Multi-Platform Infostealer with Telegram C2 and Active Staging Infrastructure</a> appeared first on <a href="https://flare.io">Flare | Identity First Threat Intelligence | Unmatched Visibility into Cybercrime</a>.</p>
Your Patients’ Records Are Worth More Than Their Bank Account Numbers
<p>By Andréanne Bergeron, Security Researcher When security leaders think about data breaches, the instinct is to worry about credit cards, bank accounts, and passwords. Those concerns are legitimate. But our analysis of hundreds of PII price points observed across underground forums and dark web markets tells a different story: personal health data is the most […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/healthcare-record-costs-dark-web">Your Patients’ Records Are Worth More Than Their Bank Account Numbers </a> appeared first on <a href="https://flare.io">Flare | Identity First Threat Intelligence | Unmatched Visibility into Cybercrime</a>.</p>
FalkonC2 is Getting Ridiculously Stealthy
<p>By Tammy Harper, Senior Threat Intelligence Researcher If you haven’t seen this hitting your feeds yet, it’s time to put FalkonC2 on your radar. This isn’t your standard open-source repackage; it’s a highly tailored, commercial C2 framework written completely from scratch in C++ and MASM64. The developers designed this thing with two main goals: making […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/falkonc2">FalkonC2 is Getting Ridiculously Stealthy</a> appeared first on <a href="https://flare.io">Flare | Identity First Threat Intelligence | Unmatched Visibility into Cybercrime</a>.</p>
What Security Leaders Need to Know About the 2026 DBIR: 50% of Ransomware Victims Had Credential Exposure Within 95 Days
<p>By Bill Bradley, Product Marketing Half of all organizations that fell victim to ransomware in the 2026 Verizon Data Breach Investigations Report (DBIR) had a credential or infostealer event occur within 95 days before the attack. Not 95 days after, but before. The credential exposure preceded the breach, sitting in criminal marketplaces as a priced, […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/2026-verizon-dbir">What Security Leaders Need to Know About the 2026 DBIR: 50% of Ransomware Victims Had Credential Exposure Within 95 Days</a> appeared first on <a href="https://flare.io">Flare | Identity First Threat Intelligence | Unmatched Visibility into Cybercrime</a>.</p>
Inside the Chinese-Language Gambling Infrastructure Targeting the 2026 World Cup
<p>By Assaf Morag, Cybersecurity Researcher We uncovered a large-scale Chinese-language gambling infrastructure using FIFA and World Cup branding to attract traffic, promote offshore betting, and scale event-driven fraud. The activity is not limited to isolated domains or opportunistic scams. Instead, it appears to rely on repeatable templates, shared providers, coordinated operator clusters, and infrastructure designed […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/chinese-language-gambling-infrastructure-targeting-2026-world-cup">Inside the Chinese-Language Gambling Infrastructure Targeting the 2026 World Cup</a> appeared first on <a href="https://flare.io">Flare | Identity First Threat Intelligence | Unmatched Visibility into Cybercrime</a>.</p>
Account Takeover is a Churn Problem: Why 65% of Consumers Abandon Platforms After Fraud
<p>By Bill Bradley, Product Marketing Nearly 50% of consumers say fraud concerns are the top reason they would abandon a website entirely. Not pricing, not a competitor’s feature set, not a bad checkout experience, but fraud.  And the specific type of fraud accelerating fastest is account takeover (ATO), which rose 37% in 2025 even as […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/consumers-abandon-platforms-after-fraud">Account Takeover is a Churn Problem: Why 65% of Consumers Abandon Platforms After Fraud</a> appeared first on <a href="https://flare.io">Flare | Identity First Threat Intelligence | Unmatched Visibility into Cybercrime</a>.</p>
What is the Cost of Your Data on the Dark Web?
<p>By Andréanne Bergeron, Security Researcher, and Renaud Bergeron, Criminology Intern (University of Montreal) What is the most valuable type of data to threat actors? To answer this question, we analyzed 348 real data breach listings spanning from 2008 to 2026 from dark and clear web marketplaces. We actually found that personal health records are the […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/cost-of-data-dark-web">What is the Cost of Your Data on the Dark Web?</a> appeared first on <a href="https://flare.io">Flare | Identity First Threat Intelligence | Unmatched Visibility into Cybercrime</a>.</p>
Anthropic Mythos, AI, and Cybersecurity: What You Need to Know
<p>Anthropic Mythos represents a step change in cyber capabilities. Models have progressed from augmenting human analysts in vulnerability discovery and exploitation to autonomously discovering and writing exploits for zero-day vulnerabilities. This article is a primer for CISOs, security teams, and executives on risks posed by AI systems. Key Takeaways About Anthropic Mythos and Cybersecurity Close […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/anthropic-mythos-ai-cybersecurity">Anthropic Mythos, AI, and Cybersecurity: What You Need to Know</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
What Attackers See When They Look at US Healthcare: A Sector-Wide External Attack Surface Analysis
<p>By Adrian Cheek, Senior Cybercrime Researcher Almost every major intrusion at a US hospital in the last three years began with something small and public. A VPN gateway someone forgot to patch. An Outlook Web Access page sitting on a routable address. A remote-access protocol exposed to the open internet because it was quicker than […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/us-healthcare-sector-wide-external-attack-surface-analysis">What Attackers See When They Look at US Healthcare: A Sector-Wide External Attack Surface Analysis</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
The World Cup Fraud Infrastructure is Nearly Three Times Larger Than We First Reported
<p>By Adrian Cheek, Senior Cybercrime Researcher Recently, we published research documenting a coordinated phishing infrastructure of 79 typosquatting and lookalike domains across 14 IP addresses, all impersonating the official FIFA website. That article walked through the fake ticketing flow, the copycat FIFA Store, and the FIFA ID login page that accepts any credentials a user […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/world-cup-fraud-infrastructure-three-times-larger-than-original-reporting">The World Cup Fraud Infrastructure is Nearly Three Times Larger Than We First Reported</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
Seven Red Flags to Watch Out for to Avoid a 2026 World Cup Ticket Scam
<p>By Assaf Morag, Cybersecurity Researcher The “country” of Velmoraon has no flag, no FIFA ranking, and no population. However, a scammer online has tickets available for the upcoming Germany and Velmoraon match. This instance wasn’t an outlier. In fact, before that, he had also confirmed availability for an Italy vs. Russia match that doesn’t exist […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/2026-world-cup-ticket-scam-red-flags">Seven Red Flags to Watch Out for to Avoid a 2026 World Cup Ticket Scam</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
One Out of Four Infostealer Victims Have Corporate Infrastructure Access
<p>By Andréanne Bergeron, Security Researcher One in four infostealer victims has active access to corporate infrastructure: VPN credentials, SaaS sessions, cloud platforms. Whether they were infected downloading a game mod or a productivity tool doesn’t matter. By the time the log hits a dark web forum, the blast radius is the same. That reality cuts […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/one-out-of-four-infostealer-victims-corporate-infrastructure-access">One Out of Four Infostealer Victims Have Corporate Infrastructure Access</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
Flare Joins the Inaugural 2026 Gartner Magic Quadrant for Cyber Threat Intelligence
<p>By Bill Bradley, Product Marketing Gartner just published its first ever Magic Quadrant for Cyber Threat Intelligence (CTI), and Flare joins the field in this segment as one of the 17 vendors selected out of scores of submissions. This marks recognition of the risks posed by identity exposures, the impact identity-focused CTI vendors have on […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/flare-inaugural-2026-gartner-magic-quadrant-for-cyber-threat-intelligence">Flare Joins the Inaugural 2026 Gartner Magic Quadrant for Cyber Threat Intelligence</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
PamDOORa: Analyzing a New Linux PAM-Based Backdoor for Sale on the Dark Web
<p>By Assaf Morag, Cybersecurity Researcher For $1,600, a threat actor on a Russian cybercrime forum is selling the complete source code for a Linux backdoor that embeds itself in one of the most trusted layers of the operating system: the Pluggable Authentication Module (PAM) stack. The tool, called PamDOORa, is a new PAM-based backdoor, designed […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/pamdoora-new-linux-pam-based-backdoor-sale-dark-web">PamDOORa: Analyzing a New Linux PAM-Based Backdoor for Sale on the Dark Web</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
Downloading Danger: How World Cup Hype Fuels a Global Mobile Malware Ecosystem
<p>By Assaf Morag, Cybersecurity Researcher Soccer fans worldwide are susceptible to the mobile malware pipeline, carefully crafted by threat actors: a scaled, multi-layered mobile-first infrastructure blending illegal betting, fake platforms, and malware delivery. Major sporting tournaments have consistently served as high-impact lures for fraud, phishing, and malware campaigns, and threat actors are already mobilizing to […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/world-cup-global-mobile-malware-ecosystem">Downloading Danger: How World Cup Hype Fuels a Global Mobile Malware Ecosystem</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
Your AI Security Agents Are Only as Good as Your Cybercrime Intelligence
<p>By Serge-Olivier Paquette, Chief Product Officer A credential monitoring agent that misses the stolen SSO token. A threat enrichment pipeline that surfaces last month’s exposure while the attacker operates on a 48-hour cycle. An investigation tool that confidently reports “no findings” because its dataset covers a fraction of the stealer log ecosystem. These are what […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/ai-security-agents-cybercrime-intelligence">Your AI Security Agents Are Only as Good as Your Cybercrime Intelligence</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
From Pirated Software to Full Access to FIFA: Tracing the 2026 World Cup Infostealer Pipeline
<p>By Assaf Morag, Cybersecurity Researcher Imagine that someone searches for a free PDF editor. They click a link on a website that seems legitimate, get bounced through a chain of disposable redirect domains, and download what looks like legitimate software. Buried inside the ZIP file is a hijacked Steam binary that silently loads an infostealer. […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/2026-world-cup-infostealer-pipeline">From Pirated Software to Full Access to FIFA: Tracing the 2026 World Cup Infostealer Pipeline</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
Inside the Floor: A Quantitative Analysis of 1 Year Exploit Forum Data
<p>Inside the Trade Floor Top Act I II III IV V VI VII flare.io interactive · — Inside the Trade Floor Major data breaches make the news regularly. But the vast majority of cybercrime is aimed at consumers. We set out to understand how common — and how structured — the sliver that targets companies […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/inside-the-floor-a-quantitative-analysis-of-1-year-exploit-forum-data">Inside the Floor: A Quantitative Analysis of 1 Year Exploit Forum Data</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
Monitoring Cyberattacks Directly Linked to the US-Israel-Iran Military Conflict
<p>This Flare brief covers confirmed and credibly reported cyber operations from the last 24 hours linked to the US-Israel-Iran conflict. Day 57 of the conflict.  No new high-confidence cyber incidents were attributed in the April 24-25 window. Unit 42, CISA, FBI, Check Point, DomainTools, Halcyon, and industry tracking did not publish new attributed attacks, advisories, […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/cyberattacks-us-israel-iran-military-conflict">Monitoring Cyberattacks Directly Linked to the US-Israel-Iran Military Conflict</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
Inside a Telegram Session Stealer: How a Pastebin-Hosted PowerShell Script Targets Desktop and Web Sessions
<p>By Sukant Kumar, Cybersecurity Researcher A PowerShell script titled “Windows Telemetry Update” sounds like the kind of routine system process most users would never question. This is exactly what the threat actor author was counting on. Flare flagged this Pastebin-hosted script as a high-severity threat, and our analysis revealed a purpose-built Telegram session stealer that […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/telegram-session-stealerpastebin-hosted-powershell-script-targets-desktop-web-sessions">Inside a Telegram Session Stealer: How a Pastebin-Hosted PowerShell Script Targets Desktop and Web Sessions</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
You Won’t Get the Ticket or Your Money Back: Inside the World Cup 2026 Ticket Fraud Operation
<p>By Assaf Morag, Cybersecurity Researcher The most expensive 2026 FIFA World Cup tickets cost almost $7,000 (for now), and the tickets are hundreds of dollars in the group stage seats. As prices surge and availability tightens, fans are increasingly pushed toward secondary markets, bundled travel packages (with flights and lodging included, the total cost can […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/inside-world-cup-2026-ticket-fraud-operation">You Won’t Get the Ticket or Your Money Back: Inside the World Cup 2026 Ticket Fraud Operation</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
Massive World Cup Consumer Fraud Infrastructure Targets Fans Before Kickoff
<p>By Assaf Morag, Cybersecurity Researcher While hundreds of millions of soccer fans worldwide eagerly await the kickoff of the 2026 FIFA World Cup, threat actors are preparing just as intensely to deploy nefarious fraud schemes against unsuspecting supporters. We have uncovered a large-scale phishing and consumer fraud infrastructure designed to exploit this global excitement. The […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/massive-world-cup-consumer-fraud-infrastructure">Massive World Cup Consumer Fraud Infrastructure Targets Fans Before Kickoff</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
How Phantom Carbon Credits and Identity Wallet Exploitation are Reshaping Global Fraud
<p>By Adrian Cheek, Senior Cybercrime Researcher Two fraud categories are converging on the global stage right now, and neither has received the attention it deserves. The first involves carbon credits and ESG compliance, where a volatile mix of political pressure, weak verification, and enormous sums of money has created fertile ground for manipulation on an […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/phantom-carbon-credits-identity-wallet-exploitation">How Phantom Carbon Credits and Identity Wallet Exploitation are Reshaping Global Fraud</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
Validating Thousands of Credentials at Scale: Lessons from Six Months of Identity Exposure Management
<p>By Mark MacDonald, Director of Product Marketing Six months ago, we launched Identity Exposure Management (IEM), a solution that pairs Flare’s world-class database of stealer logs, leaked credentials, and related identity exposures with automated validation and remediation through integration with the customer’s Microsoft Entra ID environment. Since then, over 100 organizations have deployed it in […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/validating-thousands-credentials-at-scale">Validating Thousands of Credentials at Scale: Lessons from Six Months of Identity Exposure Management</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
Threat Briefing for CISOs: Staying Ahead of the Industrialized Phishing Economy
<p>By Flare Research Phishing has quietly crossed a strategic threshold. What began as low-effort social engineering has evolved into a fully industrialized underground economy, complete with modular tooling, subscription pricing, customer support, affiliates, and rapid innovation cycles.  In 2026, phishing kits and phishing-as-a-service (PhaaS) platforms dominate the cybercriminal marketplace, with a clear focus on bypassing […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/threat-briefing-cisos-staying-ahead-industrialized-phishing-economy">Threat Briefing for CISOs: Staying Ahead of the Industrialized Phishing Economy</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
The Identity Kill Chain: A Complete History of Identity Security from Passwords to AI Agents
<p>By Serge-Olivier Paquette, Chief Product Officer How six decades of architectural decisions created, and continue to shape, the primary attack surface of the modern enterprise. In 1962, a Ph.D. candidate at MIT named Allan Scherr printed out the CTSS (Compatible Time-Sharing System) password file to steal extra computing time. 63 years later, a self-replicating npm […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/identity-kill-chain-complete-history-identity-security">The Identity Kill Chain: A Complete History of Identity Security from Passwords to AI Agents</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
State of the Dark Web in 2026: Russian-Speaking Cybercrime Ecosystem, Continued Threat of Infostealer Malware & Telegram
<p>By Christopher Budd, Cybersecurity Evangelist What is the state of the dark web right now? The guiding theme is: the dark web isn’t static, it functions as a market economy with new sites and shops going up and down on a routine basis. And it presents unexpected, unforeseeable developments. Eric Clay (CMO) and Mathieu Lavoie […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/state-of-the-dark-web-2026">State of the Dark Web in 2026: Russian-Speaking Cybercrime Ecosystem, Continued Threat of Infostealer Malware & Telegram</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
What Infostealer Victims Have in Common: 2 Behavioral Patterns That Should Reshape Cybersecurity Training
<p>By Andréanne Bergeron, Security Researcher Cyberattacks are not purely technological events. They are social interactions in which attackers exploit predictable cognitive biases, emotional triggers, and behavioral tendencies. Traditional cybersecurity training often misses this reality. Standardized modules, annual compliance courses, and generic policy acknowledgments are widely implemented, but their effectiveness in changing real-world behavior remains limited. […]</p> <p>The post <a href="https://flare.io/learn/resources/blog/what-infostealer-victims-have-in-common">What Infostealer Victims Have in Common: 2 Behavioral Patterns That Should Reshape Cybersecurity Training</a> appeared first on <a href="https://flare.io">Flare | Threat Exposure Management | Unmatched Visibility into Cybercrime</a>.</p>
Vous représentez Flare ?
Revendiquez cette fiche pour contrôler les données publiées et devenir la source officielle consultée par les agents IA.
Revendiquer cette fiche →