Threat Intelligence
Q4 2024 Cyber Threat Landscape: Gone Phishing. Evolving Techniques Keep Organizations on the Hook
February 26, 2025
by George Glass, Keith Wojcieszek
Cyber Threat Intelligence
Kroll's cyber threat intelligence services are fueled by frontline incident response intel and elite analysts to effectively hunt and respond to threats. Our team aligns Kroll’s technical intelligence, analytical research and investigative expertise to improve your visibility and provide expert triage, investigation and remediation services.
Talk to an ExpertUtilizing frontline threat intelligence from handling thousands of cyber incidents every year, our team can deliver more visibility against emerging threats and offer actionable steps to minimize risk and protect against operational and reputational damage. Our experts bring their combined experience in the U.S. Secret Service, the FBI, Fortune 100 and the National Cyber Forensic Training Alliance (NCFTA) to follow even the most obfuscated or opaque data trails.
How Threat Intelligence can Enhance Your Business
High-trust Frontline Intel Directly From IR Cases
Efficient Hunting and Threat Analysis
Enriched Threat Detection and Sharing
All Intel Vetted by Seasoned Analysts
Kroll cyber threat intelligence analysts cross-correlate a variety of open source, private feeds and dark web data with frontline data collected from thousands of annual incidents worked on by Kroll experts, filtering out false positives, duplicates and general noise. This unique formula enables timely, meaningful and actionable intelligence that empowers more efficient hunting, improves threat detection, provides domain monitoring, helps in complex litigation, and can preserve organizations’ operations and reputations.
Digital Footprint Intelligence
Digital Footprint Intelligence
Our analysts can determine the digital footprint of an organization based on intel gathered and analyzed from millions of data sources. We provide detailed insight into an organization’s digital exposure, which allows stakeholders to make better-informed business decisions. This includes:
- Would-be impact analysis of an incident for client and counsel
- Identify breach exposure and provide witness testimony as part of litigation
- Bespoke threat landscape briefings with actionable advice
- Cyber risk assessments and due diligence reports
- Social media and due diligence investigations
Example Engagement: Digital Footprint Intelligence
The Kroll team conducted a cyber security assessment and ran due diligence reports for a retail company that was looking to understand the cyber risks associated with the expansion of its digital footprint in a new market. Kroll helped the company identify region-specific threats, local litigation challenges and regulatory requirements. The insights were then used to inform decision-making, including risk mitigation strategies such as insurance policies.
Digital Threat Response
Digital Threat Response
Unique intelligence powers our rapid detection, response and remediation capabilities during a cybersecurity event. We utilize data from our thousands of incident response engagements to help determine how to best respond. We provide:
- Investigative support to provide insight during an active cyber incident
- Client data preservation services if confidential data is leaked or exposed
- Real-time intelligence curation to report on new and emerging tactics, techniques and procedures (TTPs)
Example Engagement: Digital Threat Response
A financial institution was targeted in a ransomware attack. Kroll was engaged for digital threat response, where our experts analyzed threat actor downloads, confirmed that the data was unique to the organization and assisted the company in understanding the access the threat actor obtained in their network and the data that was exfiltrated. This intelligence triggered further investigative action and public notification.
Digital Risk Protection
Our dark web monitoring and domain monitoring is run by experts with decades of experience, giving organizations visibility into their exposure through intelligence mining from the deep corners of the dark web. The insights generated allow firms to reduce the financial and reputational damage of a cyberattack.
Deep and Dark Web Monitoring
Our analysts will mine the dark web to determine clients’ exposure for either due diligence purposes or to assess the extent of compromised information.
Social Media Threat Monitoring
We will monitor common social media and chat platforms, including encrypted platforms, for suspicious activity or chatter. This service can be a one-time review or ongoing monitoring for real-time threat alerts.
Domain Monitoring and Brand Protection
We will help secure and preserve your organizations brand reputation by monitoring domains and alerting you to activity in order to protect against scams including phishing and social media that can be harmful to your brand.
Monitoring of Repository Services
Our team will examine existing repositories to look for any hidden keys or monitor suspicious activity.
Example Engagement: Dark Web Monitoring
A manufacturing company identified unauthorized access to its systems and engaged Kroll for a forensics investigation. Using dark web monitoring, the Kroll team identified corporate information on an underground cybercriminal forum. This information helped us focus investigative efforts, helped the client understand what data was accessed and provided guidance on how to proceed with client and employee notification.
Cyber Threat Hunting
Utilizing Kroll’s proprietary technology and enhanced hunting model, our threat analysts can rapidly search and pivot on TTPs, IOCs and emerging threat indicators to quickly identify possible threats seen across various environments. Our cyclical hunting model follows six steps:
- Data gathering (threat intelligence)
- Hypothesis formation
- Hunt scoping
- Hypothesis testing
- Novel threat identification and threat neutralization
- Review
Threat Intelligence Reporting
Through Kroll’s global intelligence intake, our team gathers and analyzes data to determine trends in the market and deeply understand the most popular and common cyber threats in today’s landscape.
Our team aggregates and breaks down data to provide the most helpful insights.
Enhance Investigations and Malware Analysis
Kroll’s threat intelligence services can provide further insight both before, during or after an incident. Our experts can help assess your exposure through advanced threat monitoring or help determine the scale of exposed data from a breach.
In conjunction with our threat intelligence insights, our analysts deliver actionable findings through in-depth technical analysis of benign and malicious code. We are able to not only identify and monitor for threats but also reverse engineer malware and provide triage analysis of any code-related event in order to enhance our recommendations for investigative next steps. Our Threat Intelligence team is your ultimate partner when it comes to assessing your organization’s exposure.
Threat Intelligence in a Cyber Risk Retainer
Threat intelligence can provide important insight into your organization’s exposure or help understand your digital footprint in your industry. Kroll clients can package threat intelligence services with Kroll’s cyber risk retainer, which gives you prioritized access to elite investigators and the flexibility to allocate incident response resources as well as all other cybersecurity solutions offered by Kroll.
Talk to a Threat Intelligence Expert
The threat landscape is evolving day by day. Partner with Kroll to leverage our frontline threat intelligence and experienced incident response professionals in order to keep your organization safe.
Threat Landscape Reports
Q4 2024 Cyber Threat Landscape: Gone Phishing. Evolving Techniques Keep Organizations on the Hook
Threat Landscape
Q3 2024 Threat Landscape Report: Rising Attacks on Tech and Telecoms Reinforce Need for Business Continuity Planning
November 21, 2024
by George Glass, Keith Wojcieszek
Threat Intelligence
Q2 2024 Threat Landscape Report: Threat Actors Do Their Homework, Ransomware and Cloud Risks Accelerate
August 21, 2024
by Keith Wojcieszek, George Glass
Threat Intelligence
Q1 2024 Threat Landscape Report: Insider Threat & Phishing Evolve Under AI Auspices
May 22, 2024
by Keith Wojcieszek, George Glass
Cyber and Data Resilience
Incident response, digital forensics, breach notification, security strategy, managed security services, discovery solutions, security transformation.
24x7 Incident Response
Kroll is the largest global IR provider with experienced responders who can handle the entire security incident lifecycle.
Kroll Responder MDR
Stop cyberattacks. Kroll Responder managed detection and response is fueled by seasoned IR experts and frontline threat intelligence to deliver unrivaled response.
Cyber Risk Retainer
Kroll delivers more than a typical incident response retainer—secure a true cyber risk retainer with elite digital forensics and incident response capabilities and maximum flexibility for proactive and notification services.
Penetration Testing Services
Validate your cyber defenses against real-world threats. Kroll’s world-class penetration testing services bring together front-line threat intelligence, thousands of hours of cyber security assessments completed each year and a team of certified cyber experts — the foundation for our sophisticated and scalable approach.
Convergence of Cyber and Physical Security: Geolocation Data Hacks and Executive Protection Threat Implications.png?mw=1080)
Cyber
Convergence of Cyber and Physical Security: Geolocation Data Hacks and Executive Protection Threat Implications
March 13, 2025
by Edward Currie, Anjori Radia
Threat Intelligence
Q4 2024 Cyber Threat Landscape: Gone Phishing. Evolving Techniques Keep Organizations on the Hook
February 26, 2025
by George Glass, Keith Wojcieszek
Threat Intelligence
January Threat Intelligence Spotlight Report
February 25, 2025
by George Glass, Keith Wojcieszek
Threat Intelligence
Fortinet Discloses Active Exploitation of Critical Zero-Day Vulnerability: CVE-2024-55591
January 17, 2025
by George Glass
Join Kroll at CLOC 2025 in Las Vegas
Cyber
Join Kroll at CLOC 2025 in Las Vegas
May 5 - 8, 2025|Conference
Visit Booth 523 for one-on-one insights on advancing your legal operations through industry-leading transformational programs.
Cyber
Webinar - How to Adopt DORA’s Threat Led Penetration Testing Requirements
April 22, 2025|Online
Cyber
Kroll at RSAC 2025 Conference
April 28 - May 1, 2025|Conference
Join Kroll experts at RSAC 2025 in San Francisco. Stop by booth 842 in the South Expo Hall to meet our team.
Kroll is headquartered in New York with offices around the world.
One World Trade Center
285 Fulton Street, 31st Floor
New York NY 10007
Sign up to receive periodic news, reports, and invitations from Kroll.
Our privacy policy describes how your data will be processed.
© 2025 Kroll, LLC. All rights reserved.
Kroll is not affiliated with Kroll Bond Rating Agency,
Kroll OnTrack Inc. or their affiliated businesses. Read more.