Threat Intelligence
Research & Reports
In-depth analysis from Dark Angel's threat intelligence research team. Actionable intelligence across ransomware, regulatory compliance, sector threats, and emerging attack vectors.
The State of Ransomware 2025
Comprehensive annual overview of the ransomware ecosystem covering 8 major groups, victim analysis, sector distribution, geographic spread, and evolving TTPs.
European Cyber Threat Landscape 2025
EU-focused threat assessment across all sectors examining ransomware, state-sponsored espionage, and hacktivism in the context of NIS2 and DORA regulatory frameworks.
NIS2 Directive: Threat Intelligence Requirements for Compliance
A practical guide mapping NIS2 directive articles to threat intelligence capabilities, covering incident reporting, supply chain risk, and sector-specific requirements.
DORA ICT Risk Management: A Threat Intelligence Approach
Financial sector-focused analysis of how threat intelligence supports DORA's five pillars, from ICT risk management to digital resilience testing.
LockBit: A Complete Threat Intelligence Profile
Full dossier covering LockBit's history, infrastructure, affiliate model, TTPs, law enforcement actions, and current operational status.
Ransomware-as-a-Service: The Business Model Behind Modern Extortion
Analysis of RaaS economics, affiliate programs, profit-sharing models, and recruitment pipelines across LockBit, BlackBasta, and ALPHV operations.
Double Extortion: From Data Theft to Leak Site Publication
Lifecycle analysis of double extortion operations from initial access through data exfiltration, victim negotiation, and leak site publication.
Ransomware Attack Chains: A MITRE ATT&CK Analysis
End-to-end kill chain mapping for five major ransomware groups with detection opportunities and defensive countermeasures at each stage.
Maritime and Shipping Sector: Cyber Threat Intelligence Report
Assessment of cyber threats targeting maritime operations including OT/IT convergence risks, GPS spoofing, port disruption, and ransomware campaigns against shipping.
Financial Services Threat Landscape: Intelligence Briefing
Intelligence briefing covering banking trojans, credential harvesting, SWIFT targeting, insider threats, and DORA compliance requirements for financial institutions.
Healthcare Sector Cyber Threat Assessment
Analysis of threats targeting healthcare organizations including patient data exfiltration, medical device vulnerabilities, and ransomware impact on care delivery.
Critical Infrastructure and Energy: Threat Intelligence Report
Assessment of ICS/SCADA threats, nation-state targeting of energy infrastructure, OT network exposure, and NIS2 essential entity requirements.
The Infostealer Ecosystem: Credential Theft and the Supply Chain of Compromise
Deep analysis of the infostealer malware ecosystem including Raccoon, RedLine, and Vidar, stealer log markets, credential reuse chains, and detection methodologies.
Phishing Infrastructure: Detection and Takedown Intelligence
Technical analysis of phishing infrastructure including domain generation, certificate transparency abuse, visual similarity detection, and homoglyph attacks.
Attack Surface Intelligence: Mapping External Exposure
Methodology for external attack surface mapping using Shodan-powered discovery, exposed service enumeration, CVE correlation, and continuous risk scoring.
Supply Chain Compromise: Third-Party Risk Intelligence
Analysis of vendor breach cascading effects, third-party risk monitoring, graph-based risk visualization, and supply chain threat intelligence strategies.
Dark Web Intelligence: OSINT Methodology for Enterprise Security
Comprehensive methodology for dark web intelligence collection covering forums, markets, paste sites, Telegram monitoring, and leak site analysis.
AI-Powered Threat Intelligence: Automation and Augmentation
Exploration of how AI and NLP transform threat intelligence operations, from automated feed processing to natural language querying and report generation.
From Reactive to Proactive: Building a Threat-Informed Defense
Strategic framework for building a threat-informed defense program with TI maturity model, SOC integration, use case development, and measurable ROI.
Unified Threat Intelligence: The Case for Platform Consolidation
Industry analysis of point solution sprawl versus unified TI platforms, examining the 8-module architecture rationale and data correlation benefits.
Need a Custom Threat Assessment?
Dark Angel's research team delivers tailored intelligence briefings for your organization's specific threat landscape and sector requirements.
Request a Briefing