fastfire
5.4K posts

fastfire
@fastfire
Head of Cyber Threat Intelligence @ Würth Group, GCTI/CPENT/CEH/CND/CSA/ECSA/ECIH/CTIA, owner of SATAYO CTI platform & deepdarkCTI - member of @Curatedintel
Cyberspace (fastfire) Joined January 2009
646 Following 2.1K Followers

📢 New #Insomnia ransomware gang.
☢️ Active since October 2025, 17 victims published on their data leak site.
👉🏼 Onion link and TOX ID already available on #deepdarkCTI github.com/fastfire/deepd…

📌 How is the ransomware gang landscape evolving after the #RAMP forum seizure?
🔴 Another well-known forum seems to be becoming a point of reference in this field.
👉🏼 We discuss it in the article you can read at this link neteye-blog.com/2026/02/from-r…

@0x6rss Yes, that chat contained a goldmine of information!
=== BAPHCHAT TELEGRAM CHAT ANALYSIS ===
Total records: 575,151
Unique users who wrote at least one message: 11,699
Top 3 most active users:
MissRose_bot: 11,362 posts
brucerivers: 7,534 posts
astounding: 7,442 posts

Telegram channel belonging to DarkForums (The Jacuzzi) has been banned.
It was a channel I had been following, but what made it distinctive was its cycle of ownership transfers.
Initially, it was associated with BreachForums (BaphChat), then it was taken over by the FBI. Afterwards, it was put up for sale by an actor named “weep,” and finally it was used by DarkForums under the name “The Jacuzzi.”
Although this lifecycle raises questions, it has left behind an archive consisting of thousands of messages.

With 2025 now behind us, we can make some observations regarding the landscape of double-extortion #ransomware #attacks.
❓ Which ransomware gangs were the most active?
❓ Which sectors and countries were most affected?
👉🏻 Read the full article here neteye-blog.com/2026/01/ransom…

📢 Recap of what happened in #deepdarkCTI in 2025:
✅ 586 commits
✅ 35 contributors
✅ 6,400 stars on GitHub
✅ 8 articles on deepdarkcti.com
✅ 129 active users within the Telegram channel
✅ a total of 2,465 sources
🙏 Many thanks to the #deepdarkCTI community!

A new interview is available on the #deepdarkCTI project blog. This time, the interview concerns the #Benzona ransomware gang.
👉 You can read the full interview here deepdarkcti.com/interview-8-be…

@MOHAMMADNI24249 Hi, the Telegram group of the project is reserved for contributors to the project itself. If you make a pull request to the project in GitHub by adding a source or if you want to write me in pvt, then I can send you the invitation link. Thank you!

@fastfire Hello, I’m interested in contributing to your CTI project. How can I request access to the Telegram group?

🔴 The problem of properly integrating #Threat #Intelligence into #Security #Operations processes is a recurring one.
📌 I wrote an article in which I described the integration process we have implemented.
👉🏻 Read the article here neteye-blog.com/2025/11/embedd…

@securityaffairs @sonoclaudio @signorina37H Likely related to the launch of Tor VPN (August 28) given the date of the first spike (September 1)

Have you noticed this anomalous increase in the number of users connected to the Tor network in recent months? What is it? Malware with C2 on the Tor network, or what? @sonoclaudio @signorina37H

New to CTI? The "deepdarkCTI" GitHub repo is your starter pack: buff.ly/9O7LCGl
It's a goldmine of links to the tools and sites you need to know about, saving you hundreds of hours of searching.
Find the best resources for CTI all in one place.
fastfire retweeted

#Ransomware 📣 NEW FEATURE
The new RF Domain Monitor section enables constant monitoring of the domains tracked by #Ransomfeed and by the deepdarkCTI project (@fastfire), looking for DNS changes and law enforcement.
1/2

📢 On October 23rd, I will have the pleasure of participating in the #NetEye #Conference 2025 as a speaker with the talk "From Intelligence to Action: Embedding TI into Your Security Operations".
👉🏼 You can register here wuerth-phoenix.com/neteye-confere…

📢 At deepdarkcti.com/details-of-the…, you can find a detailed timeline of the main events related to the alleged seizure of the #XSS forum.
⏰ The timeline is constantly updated, taking into account relevant events that are also occurring in recent days.
#deepdarkCTI

📢 A new interview is available on the #deepdarkCTI website. This time, community member #Erez interviewed the founder of the #Devman ransomware gang.
👉🏻 You can read the full interview at this link deepdarkcti.com/interview-6-de…

If you want to contribute, I created this project where I'm cataloging the Telegram channels of the various groups related to the Israel-Iran conflict, shared by @Cyberknow20 github.com/fastfire/Israe…

📢 New Critical Vulnerabilities Disclosed for Citrix Netscaler support.citrix.com/support-home/k…