Montreal, Quebec, Canada – April 9, 2025 – Flare, the global leader in Threat Exposure Management, has published a new report that highlights the significant costs and widespread impact of compromised end user accounts from account and session takeover attacks.

Session hijacking has emerged as the preeminent way for cybercriminals to execute account takeover attacks – enabling attackers to bypass traditional and widely used security measures such as multi-factor authentication. Session cookies have become particularly valuable to attackers because they allow them to bypass authentication entirely. By pairing these cookies with other artifacts from stealer logs, and using tools like VPNs and anti-detect browsers, attackers can easily execute session takeovers. 

In its report, “The Account and Session Takeover Economy: Defining Exposure, Costs, and Impact of Compromised End User Accounts”, the Flare team explores the prevalence of session hijacking across a number of industries, highlighting the increasing role in account takeover incidents and the economic impact for organizations.

Through their research and data collection efforts over approximately four years, Flare has uncovered that: 

• The number of exposed accounts is growing at an average of 28% annually
  • Fintech represents the highest annual growth rate at 32%
• There is significant economic impact for organizations on a number of fronts, including:
  • Labor costs for security investigations
  • Fraud losses from account takeovers
  • Lost revenue each year through customer churn 
• Exposure rates vary by industry, with the highest numbers of average monthly compromised sessions occurring in:
  • Social media (462,000/month)
  • Cloud applications (239,000/month)
  • Entertainment platforms (140,000/month)

The report illustrates the urgent need for proactive account takeover prevention strategies, emphasizing the role of automated identity intelligence, session re-authentication policies, and early exposure detection in mitigating the risks associated with session hijacking. 

In response, Flare has recently introduced Flare Account and Session Takeover Prevention (ASTP), which is designed to help large consumer SaaS web applications prevent the takeover of customer accounts. 

Flare ASTP tackles the challenges faced by organizations by collecting and maintaining a world-class dataset of leaked credentials and active session cookies. Organizations can easily access and operationalize this data via API, enabling them to quickly revoke active sessions, proactively combat fraud, and strengthen the security of their users. Flare ASTP fills a critical gap in ATO prevention by addressing the threat posed by stolen cookie sessions, which has become the path of least resistance for cybercriminals to take over accounts. 

“Monitoring and managing compromised session cookies remains a significant blind spot across the industry,” said Jason Haddix, Field CISO at Flare. “Account and session takeover attacks are costing organizations tens of millions of dollars annually, and yet security teams are not taking the threat seriously enough – over 40% of corporate security teams don’t terminate active sessions in response to corporate security incidents.”

“There is a significant need for security teams to improve or augment their detection and response strategies, and shift to proactively identifying, monitoring, and remediating exposed sessions before they can be exploited,” said Nick Ascoli, Director of Product Strategy at Flare. “With Flare ASTP, security teams have access to a combination of existing leaked credentials API alongside the new “Cookie Jar” API, to help them effectively identify compromised user accounts and sessions and stop these threats.”

Visit the Flare website to learn more about Flare ASTP, and download Flare’s recent report, “The Account and Session Takeover Economy” to read more about the organizational impact of account takeover attacks. 

About Flare

Flare is the leader in Threat Exposure Management, helping organizations of all sizes detect high-risk exposures found on the clear and dark web. Combining the industry’s best cybercrime database with a ridiculously intuitive user experience, Flare enables customers to reclaim the information advantage and get ahead of threat actors. For more information, visit https://flare.io.

The post New Report From Flare Highlights Significant Costs and Industry Impact of Account and Session Takeover Attacks appeared first on Flare | Cyber Threat Intel | Digital Risk Protection.

Montreal, Quebec, Canada – January 28, 2025 – Flare, the global leader in Threat Exposure Management, has introduced Flare Academy, an educational hub featuring interactive online training offered free-of-charge to cybersecurity professionals. 

Led by Flare’s team of subject matter experts, Flare Academy offers a variety of online training modules on the latest cybersecurity threats to enhance the education and knowledge of cybersecurity practitioners. These sessions will highlight a variety of important topics, including investigation and intelligence gathering on cybercrime forums, techniques for deanonymizing threat actors, and ransomware analysis and infiltration. 

Through interactive training sessions, security professionals can upgrade their skills and knowledge on a variety of cybercrime and cybersecurity topics, and earn CPE credits toward security certifications. And with the Flare Academy Discord Community, members can build relationships with other practitioners for continuous learning and engagement.

“Flare Academy will provide cybersecurity professionals with access to training, collaborative discussions, and cutting-edge resources,” said Mathieu Lavoie, CTO & Research Team Lead at Flare. “We’ve launched this program with the goal of helping to empower security professionals with the training and information they need to stay ahead of threats and build a stronger, safer digital world.”

A number of training modules are currently available for registration, including: 

• Deep Privacy in the Age of the Panopticon: Opsec Fundamentals
• Cybercrime Forums: Investigation and Intelligence Gathering

For more information about Flare Academy, and to register for upcoming modules, visit https://flare.io/trainings/.

The post Flare Launches Flare Academy appeared first on Flare | Cyber Threat Intel | Digital Risk Protection.

Investment will enable cybersecurity leader to tackle threat exposure management market

Montreal, Quebec, Canada – December 11, 2024 – Flare, the global leader in Threat Exposure Management (TEM), announced today its USD $30 Million Series B Round led by Base10 Partners with participation from Inovia Capital, White Star Capital, and Fonds de solidarité FTQ. Flare has seen consistent traction with triple digit year over year growth in both 2023 and 2024. 

Flare expects to increase investments in EU expansion and further accelerate growth in North America and Europe more broadly. As Flare continues to expand its market presence, the solution has been pivotal in driving growth for its customers. 

“What sets Flare apart is their superior data collection capabilities – providing us with actionable intelligence on attacker-used credentials and target systems that directly informs our testing,” said Kevin Johnson, CEO of Secure Ideas. “The platform integrates seamlessly into our business model, allowing us to deliver more realistic and valuable assessments to our clients. In an industry where staying ahead of threat actors is crucial, Flare’s comprehensive threat intelligence capabilities significantly outperform competing solutions.” 

The Series B funding aligns Flare as the leader in Security Intelligence and Threat Exposure Management for the enterprise and mid-market. Flare is focused on leveraging the latest advances in Language Models and advanced data science techniques to extract insights out of one of the world’s most sophisticated cybercrime data sets.

“Flare’s rapid growth and relentless drive for innovation make it a natural fit for us to partner with them,” said Jason Kong, Partner at Base10 Partners. “Norman and team have taken a unique approach to threat exposure management that raises the bar in cyber intelligence, empowering security teams to stay ahead in an increasingly complex landscape. Flare’s dedication to integrating advanced language models and data science to deliver meaningful, actionable insights aligns for cybersecurity perfectly with our mission to support founders who solve real-world problems for the many, not just the few.”

In August 2024, Flare launched its Threat Flow module – the security industry’s first transparent generative AI application that delivers timely, relevant, and trustworthy reports of threat actor activity on the dark web, enabling scaled research and reporting for security teams, validated with a 98% accuracy.

Industry analyst and cybersecurity thought leader Richard Stiennon, former Gartner VP and current Chief Research Analyst at IT Harvest, offers insight into the impact of Flare’s innovations. “With this investment round, Flare is well-positioned to enhance its exposure data collection capabilities and advance the application of generative AI in threat intelligence use cases,“ said Stiennon.

To learn more, visit https://flare.io.

About Flare

Flare is the leader in Threat Exposure Management, helping organizations of all sizes detect high-risk exposure found on the clear and dark web. Combining the industry’s best cybercrime database with an incredibly intuitive user experience, Flare enables customers to reclaim the information advantage and get ahead of threat actors. For more information, visit https://flare.io.

About Base10 Partners

Founded by Adeyemi Ajao and TJ Nahigian, Base10 is a San Francisco-based venture capital fund investing in founders who believe purpose is key to profits and in companies that are automating sectors of the Real Economy. Through its program the Advancement Initiative, Base10 donates a portion of firm profits to underfunded colleges and universities to support financial aid and other key initiatives. Portfolio companies include Notion, Figma, Stripe, Wealthsimple, SecureFrame, Todyl, and Riot.

Media Contact

Chloe Martineau

press@flare.io

1-833-685-3527

The post Flare Raises $30M Series B Led By Base10 Partners to Lead the Security Intelligence and Threat Exposure Markets appeared first on Flare | Cyber Threat Intel | Digital Risk Protection.

L’investissement permettra au leader de la cybersécurité de se placer à la tête du marché de la gestion de l’exposition aux cybermenaces.

Montréal, Québec, Canada — 11 décembre 2024 — Flare, le leader en gestion de l’exposition aux cybermenaces, annonce aujourd’hui sa ronde de financement de Série B de 30 millions USD, menée par Base10 Partners avec la participation d’Inovia Capital, de White Star Capital et du Fonds de solidarité FTQ. Flare a connu une traction constante, supportée par une croissance à trois chiffres année après année depuis 2023.

Flare prévoit augmenter ses investissements pour développer ses activités en Europe ainsi que pour accélérer sa croissance en Amérique du Nord. Tandis que l’entreprise continue de déployer sa présence sur le marché, la solution a joué un rôle déterminant dans la croissance de ses clients.

« Ce qui distingue Flare, ce sont ses capacités supérieures en collecte de données. Flare fournit du renseignement exploitable sur les identifiants utilisés par les cybercriminels et sur les systèmes ciblés, ce qui informe directement nos tests de sécurité », a déclaré Kevin Johnson, directeur général de Secure Ideas. « La plateforme s’intègre parfaitement à notre modèle d’entreprise, ce qui permet de fournir à nos clients des évaluations plus réalistes et plus utiles. Dans notre secteur, il est critique de garder une longueur d’avance sur les cybercriminels. En renseignements sur les cybermenaces, les capacités de Flare surpassent largement les solutions concurrentes. »

Ce financement de Série B permettra à Flare de consolider sa position de leader dans le domaine du renseignement en cybersécurité et de la gestion de l’exposition aux cybermenaces pour les entreprises. Flare est centré sur la mise en oeuvre des dernières avancées des technologies des grands modèles de langage (“Large Language Models”) et des techniques de pointe en science des données pour extraire un maximum d’informations de sa banque de données cybercriminelles, l’une des plus sophistiquées au monde.

« La croissance rapide et la volonté inébranlable de Flare en matière d’innovation ont fait de notre partenariat un choix naturel », a déclaré Jason Kong, associé chez Base10 Partners. « Norman et son équipe ont adopté une approche unique en gestion de l’exposition aux cybermenaces. Ils placent la barre haute en cyber intelligence : les équipes de sécurité peuvent garder une longueur d’avance dans un environnement de cybersécurité  de plus en plus complexe. Le dévouement de Flare à intégrer les grands modèles de langage et de la science des données pour fournir des informations concrètes et exploitables fait que leur  mission s’aligne parfaitement avec la nôtre: soutenir les fondateurs qui veulent résoudre des problèmes concrets pour le plus grand nombre de personnes possible. »

En août 2024, Flare a lancé son module Threat Flow, la première solution d’IA générative transparente en cybersécurité. L’application fournit des rapports pertinents et fiables sur l’activité cybercriminelle sur le l’internet clandestin (le “dark web”). Elle permet aux équipes de sécurité d’effectuer des recherches et de produire des rapports à grande échelle avec un taux de précision de 98 %.

Richard Stiennon, analyste et leader reconnu dans le domaine de la cybersécurité, anciennement vice-président chez Gartner et présentement analyste en chef de la recherche chez IT Harvest, partage son avis sur l’impact des innovations de Flare: « Avec cette ronde d’investissement, Flare est bien placé pour perfectionner ses capacités de collecte de données d’exposition et pour faire progresser les applications de l’IA générative dans les cas d’utilisation du renseignement sur les cybermenaces. »

Pour en savoir plus, consultez le https://flare.io.

À propos de Flare

Leader en gestion de l’exposition aux cybermenaces, Flare aide les organisations de toutes tailles à détecter les expositions critiques trouvées sur le web visible et l’internet clandestin. En alliant la meilleure base de données cybercriminelles de l’industrie à une expérience utilisateur intuitive, Flare permet à ses clients de reprendre l’avantage sur l’information et de devancer les cybercriminels. Pour obtenir plus d’informations, visitez le https://flare.io.

À propos de Base10 Partners

Fondé par Adeyemi Ajao et TJ Nahigian, Base10 est un fonds de capital-risque basé à San Francisco. Le fonds investit dans les fondateurs qui voient la raison d’être comme la clé de la croissance, ainsi que dans les entreprises qui automatisent des secteurs de « l’économie réelle ». À travers leur programme Advancement Initiative, Base10 fait don d’une partie de leurs bénéfices à des universités et à des collèges sous-financés et à diverses autres initiatives. Les entreprises financées par Base10 comprennent Notion, Figma, Stripe, Wealthsimple, SecureFrame, Todyl et Riot.

Contact média

Chloe Martineau

press@flare.io

1-833-685-3527

The post Dans le cadre d’une seconde ronde de financement menée par Base10 Partners, Flare lève USD$30 millions pour devenir le leader des marchés de l’exposition aux cybermenaces et du renseignement en cybersécurité appeared first on Flare | Cyber Threat Intel | Digital Risk Protection.

Service developed in partnership with NGO-ISAC helps protect non-profits and mission-driven organizations from cybercriminals

Montreal, Quebec, Canada – November 21, 2024 – Flare, the global leader in Threat Exposure Management, is announcing the introduction of Flare 24, an initiative designed to help bolster the cybersecurity defenses of nonprofits and mission-driven organizations. 

The cybercrime landscape has evolved in a concerning direction, with non-profits and mission-driven organizations increasingly targeted. These organizations have an urgent need for robust cybersecurity measures, but oftentimes these solutions are out of reach.

Designed in concert with NGO-ISAC, Flare 24 is an outreach initiative that helps bolster the cybersecurity defenses of nonprofit and mission-driven organizations. Through this program, 24 selected organizations will receive free access to Flare’s Threat Exposure Management solution, as well as support from a dedicated team that will assist in utilizing Flare to identify threats – enabling them to continue their vital work in making the world a better place without having to worry about cybersecurity threats.

“When it comes to stealing sensitive information, cybercriminals do not distinguish between what organizations they are targeting, and mission-driven organizations are as vulnerable, if not more so, as any other company,” said Norman Menz, CEO of Flare. “There is a great need within the mission-driven and non-profit community for help with protecting valuable information, so we are happy to launch this initiative and to help these organizations protect themselves from cyberthreats, and continue to carry out their extraordinary work.” 

Flare 24 is being officially launched today at NGO-ISAC 2024 Conference, taking place at the Ford Foundation Center for Social Justice in New York City. 

“We are so pleased to be partnering with Flare on this incredibly important initiative,” said Timothy Ball, CISO with NGO-ISAC. “We see mission-driven organizations dealing with the repercussions of cyber attacks every day, so having a company like Flare come forward to offer their services to help these organizations bolster their cybersecurity capabilities is fantastic.”

For more information on this initiative, visit https://www.ngoisac.org/grants-flare. 

About Flare

Flare is the leader in Threat Exposure Management, helping organizations of all sizes detect high-risk exposure found on the clear and dark web. Combining the industry’s best cybercrime database with an incredibly intuitive user experience, Flare enables customers to reclaim the information advantage and get ahead of threat actors. For more information, visit https://flare.io.

The post Flare Helps Non-Profits Protect Against Cyberattacks with Launch of Flare 24 appeared first on Flare | Cyber Threat Intel | Digital Risk Protection.

Montreal, Quebec, Canada – August 6, 2024 – Flare, the global leader in Threat Exposure Management, has announced the launch of Threat Flow, the security industry’s first transparent generative AI application that delivers timely, relevant, and trustworthy reports of threat actor activity on the dark web, enabling scaled research and reporting for security teams.

Extracting contextual and actionable insights from dark web sources poses significant technical and logistical challenges. While large language model (LLM) use cases for threat intelligence are promising, LLMs are often opaque and difficult to verify, leaving security leaders skeptical. 

Flare’s platform continuously monitors and scrapes activity from dark web forums. Threat Flow then structures this data into unit summaries, and assigns metadata and attribution tags to optimize it for report generation. 

While most currently available generative AI security applications are used to simply summarize alerts or events, Threat Flow allows users to interact with entirely raw and continuously updated dark web data sets, providing direct access to primary sources for researchers to leverage in their own way, or for security leaders to generate reliable and contextual reports. 

With Threat Flow, users are provided with:

• Concise and current summaries of cybercriminal activity
• Intelligence tailored specifically to the business context of the customer
• Automated report generation
• A transparent architecture that allows users to see individually sourced information

The validation and quality assurance of Threat Flow was completed in concert with members of the EconCrime Lab at the University of Montreal, and the findings released in a report entitled, “The Use of Large Language Models (LLM) for Cyber Threat Intelligence (CTI) in Cybercrime Forums”. The research concluded that Threat Flow outputs are 98% accurate in correctly classifying dark web data across 10 different CTI variables. Threat Flow is the first threat intelligence focused GenAI product to be validated for accuracy in this way.  

“We are excited to launch Threat Flow, and to offer threat hunters, CTI analysts, and research teams an unprecedented depth of actionable intelligence,” said Serge-Olivier Paquette, Chief Product Officer at Flare. “This platform shows how language models can provide deep insights into threat actor activities, and opens the door to other emerging threat analytics. We believe this technology is a game changer in cyber threat intelligence, and are eager to see its impact on strengthening our customers’ cybersecurity defenses.”

To learn more, visit the Flare website. 

About Flare

Flare is the leader in Threat Exposure Management, helping organizations of all sizes detect high-risk exposures found on the clear and dark web. Combining the industry’s best cybercrime database with a ridiculously intuitive user experience, Flare enables customers to reclaim the information advantage and get ahead of threat actors. For more information, visit https://flare.io.

The post Flare Launches Threat Flow appeared first on Flare | Cyber Threat Intel | Digital Risk Protection.

Montreal, Quebec, Canada – April 25, 2024 – Flare, a global leader in Threat Exposure Management, is pleased to announce that renowned cybersecurity expert Jason Haddix has joined the organization as Field CISO. 

Jason Haddix (aka jhaddix) is CEO, hacker, and trainer for Arcanum Information Security, a world class and highly sought cybersecurity assessment and training company. Over his 20-year career in cybersecurity, Jason has held numerous high profile roles, including as CISO of Buddobot, CISO of Ubisoft, Head of Trust/Security/Operations at Bugcrowd, Director of Penetration Testing at HP, and Lead Penetration Tester at Redspin. 

Jason is well-known throughout the cybersecurity community, having authored a number of talks on offensive security methodology. Over the years he has spoken at many high profile security conferences, including DEFCON, BSides, BlackHat, RSA, OWASP, Nullcon, SANS, IANS, BruCon, and Toorcon.

“We are excited to welcome Jason to the Flare team as a strategic advisor. His exceptional background, depth of knowledge, and vision in cyber make him the perfect fit to help us accelerate our expansion and recognition as a leader in Threat Exposure Management,” said Flare CEO Norman Menz. “Jason’s appointment reaffirms our commitment to staying one step ahead in the continually evolving cyber threat landscape, and to maintaining the highest security standards for our clients.”

In his strategic advisory role as Field CISO, Jason will leverage his deep industry expertise to forge connections within the cybersecurity community, and will help guide Flare’s security strategies and product vision. Jason’s diverse background will bring fresh perspectives and help enrich Flare’s approach to addressing critical security challenges and shaping strategic initiatives.

“Joining Flare offers me a unique opportunity to contribute to the company’s mission of excellence in Cyber Threat Exposure Management, while also continuing my commitment to Arcanum,” said Jason. “I’m excited to share my experience and work alongside Flare’s talented team to drive forward-looking security initiatives and cutting-edge product features. I’m looking forward to being an integral part of Flare’s commitment to protecting customers and leveling the playing field for defenders in the cyber security realm.”

To learn more about Flare’s growth in the Threat Exposure Management space, visit https://flare.io/company/.

About Flare

Flare is at the forefront of Threat Exposure Management, delivering AI-driven solutions that provide comprehensive, real-time threat analysis and remediation. With its advanced technology, Flare offers a proactive approach to cybersecurity, scanning the online world, including the clear and dark web, to identify, prioritize, and address potential threats swiftly and efficiently. For more information, visit https://flare.io.

The post Jason Haddix Joins Flare as Field CISO appeared first on Flare | Cyber Threat Intel | Digital Risk Protection.

Montreal, Quebec, Canada – March 26, 2024 – Flare, a global leader in Threat Exposure Management, announced today its acquisition of Foretrace, a U.S.-based data exposure company renowned for its adept team and its unique Total Recon^TM detection engine. 

This acquisition marks a significant milestone in Flare’s journey since being founded in 2017, and comes at a time when the Montreal-based company is celebrating triple digit year-over-year growth in 2023. The deal is believed to be among the first M&As in the Threat Exposure Management (TEM) space since it was first coined by Gartner in 2022. 

“Bringing Foretrace into the Flare family further broadens our capabilities for collecting emergent threat data while also deepening our expertise, ensuring that we can be in a great position to lead the way in TEM,” said Norman Menz, CEO of Flare. “This acquisition is a testament to our commitment to innovation and excellence, as we empower organizations to navigate the threat landscape with confidence and precision.”

The increasing volume and variety of external threat exposures means that organizations are more challenged than ever before with effectively identifying, prioritizing, and mitigating risks across the attack surface. Foretrace’s technology enables improved correlation and contextualization of threat exposure data with generative AI systems trained to provide assistance for users in threat investigations. Adding these improvements to Flare’s platform – which amalgamates the coverage of previously siloed technology solutions such as cyber threat intelligence, attack surface management, and digital risk protection – promises to deliver better outcomes for customers looking to build out TEM programs. 

As part of the deal, Flare also announced that Foretrace founding executives Nick Ascoli and Matt Mosley will be joining the company as Senior Product Strategist and VP of Strategic Partnerships respectively. In addition to founding Foretrace, Ascoli is a decorated cybersecurity innovator who has published several open-source tools, and has presented research at Blackhat, Defcon, GrrCON, SANS, BSides, and other conferences on topics including data leaks, attack surface management, and reconnaissance. Matt Mosley brings three decades of diverse experience in cyber security leadership roles, most notably as VP of Product Management at Cyren, VP of Products at Devo, and CPO and CISO dual roles at PIXM. 

“We are thrilled about joining forces with Flare,” said Mosley. “Together, we are poised to set new standards in threat exposure management, leveraging our combined expertise and innovative technologies to deliver unprecedented value to our customers. We are eager to embark on this exciting new chapter with the Flare team.”

Ascoli added, “At its core, Threat Exposure Management is about applying an adversarial lens to external threats. This was a big part of my mission when I founded Foretrace and I couldn’t be more excited to continue it with Flare.”

For more information about Flare’s innovative solutions and its impactful collaboration with Foretrace please visit https://flare.io. 

About Flare

Flare is at the forefront of Threat Exposure Management, delivering AI-driven solutions that provide comprehensive, real-time threat analysis and remediation. With its advanced technology, Flare offers a proactive approach to cybersecurity, scanning the online world, including the clear and dark web, to identify, prioritize, and address potential threats swiftly and efficiently. For more information, visit https://flare.io.

The post Flare Acquires Foretrace to Accelerate Threat Exposure Management Growth  appeared first on Flare | Cyber Threat Intel | Digital Risk Protection.

Montreal, Quebec, Canada – March 4, 2024 – Flare, the leading Continuous Threat Exposure Management (CTEM) solution provider, has announced the availability of Supply Chain Ransomware Exposure Monitoring. This solution delivers unique visibility and proactive security across the extended supply chain, transforming how organizations can manage and mitigate threat exposures that exist within ransomware data leaks. 

In 2023, Flare’s platform tracked over 50 active ransomware groups and over 5500 victims, which represented a 160% year-over-year increase from 2022. While many organizations have placed added emphasis on their own ransomware prevention posture, the increasing volume and velocity of ransomware attacks make it a virtual certainty that a member of any organization’s supply chain will be a victim at some point. Current approaches to third-party risk such as security questionnaires and vulnerability scanning provide some visibility into the security controls of vendors in a supply chain, but they typically don’t provide precise information about the threat exposures that exist within ransomware data leaks.

By leveraging AI-powered analytics and world-class threat intelligence of ransomware groups, Flare’s solution empowers businesses to identify and respond to threat exposures within minutes of their appearance. It complements traditional third-party risk management, and boosts compliance efforts by providing highly contextual and precise intelligence on the most impactful security events occurring in an organization’s supply chain.

Flare’s Supply Chain Ransomware Exposure Monitoring solution offers organizations a number of important capabilities, including:

• Visibility across known and unknown supply chain entities
• Real-time alerting of ransomware leaks
• Rapid and precise evaluation of threat exposures
• Contextual intelligence to help boost compliance efforts

“At a time when ransomware threats are a constant concern for businesses, Flare is introducing a solution aimed at addressing a critical vulnerability – the security of our supply chains,” said Mathieu Lavoie, Co-Founder and CTO at Flare. “Flare’s Supply Chain Ransomware Exposure Monitoring is built on the principle that understanding and mitigating risks requires more than just vigilance; it demands proactive, intelligent strategies. Our solution offers businesses a way to quickly identify and respond to potential ransomware exposures within their supply chain. It’s about providing clarity and actionable insights in a complex security landscape, and helping firms to not only manage risk, but to enhance their overall security posture.”

About Flare

Flare provides the leading Continuous Threat Exposure Management (CTEM) solution for organizations. Our AI-driven technology constantly scans the online world, including the clear & dark web, to discover unknown events, automatically prioritize risks, and deliver actionable intelligence you can use instantly to improve security. Our solution integrates into your security program in 30 minutes to provide your team with actionable intelligence and automated remediation for threats across the clear & dark web. Flare is headquartered in Montreal, Quebec, Canada. For more information, visit https://flare.io/. 

The post Flare Announces Supply Chain Ransomware Exposure Monitoring appeared first on Flare | Cyber Threat Intel | Digital Risk Protection.

The report, “The Cybercrime Ecosystem and U.S. Healthcare in 2023”, examines the impact of cybercrime on the healthcare sector. Flare examined seven years of archived data from the dark web, 21 million stealer logs, and thousands of posts found on top-tier dark web forums to understand how cybercriminals are targeting healthcare and how the threat landscape is shifting for healthcare organizations. 

A variant of malware called infostealer is resulting in hundreds of thousands of corporate credentials being distributed on the dark web and Telegram, with an estimated 20% of U.S. healthcare organizations affected over the past six months. Flare has discovered that:

• 19.4% of healthcare organizations have had leaked credentials containing corporate access distributed on the dark web and Telegram in the past six months. This included access to corporate single sign-on applications, email, and other critical applications. 
• Initial access brokers have sold privileged IT access for six healthcare organizations in the past 12 months.
• Data extortion ransomware attacks against healthcare organizations are up 144% on an annualized basis in 2023, representing a significant and rapid expansion in data extortion ransomware tactics.

“We continue to see the rapid commodification and commercialization of the cybercrime ecosystem,” said Eric Clay, VP Marketing at Flare. “Groups are becoming more sophisticated and building increasingly intricate supply chains which are enabling economies of scale and a precipitous rise in attacks against healthcare organizations.”

To take a deeper dive into this research and the impact that cybercrime is having on the healthcare industry, read the full report at https://flare.io/learn/resources/the-cybercrime-ecosystem-and-u-s-healthcare-in-2023/.

About Flare

Flare provides the Continuous Threat Exposure Management (CTEM) solution for organizations. Our AI-driven technology constantly scans the online world, including the clear & dark web, to discover unknown events, automatically prioritize risks, and deliver actionable intelligence you can use instantly to improve security. Our solution integrates into your security program in 30 minutes to provide your team with actionable intelligence and automated remediation for threats across the clear & dark web. Flare is headquartered in Montreal, Quebec, Canada. For more information, visit https://flare.io/. 

The post New Report from Flare Highlights Growing Cybercrime Threats to U.S. Healthcare Sector in 2023 appeared first on Flare | Cyber Threat Intel | Digital Risk Protection.