Threat Intelligence Sources

Our threat intelligence team is networked with leading researchers and groups

TrustedSec Artillery Threat Intelligence Feed (ATIF)

An open-source blue team tool with global Artillery servers that pulls real-time intelligence feeds of attackers and IP addresses.


Alien Labs® Open Threat Exchange® (OTX™)

A global open-source community with more than 100,000 threat researchers and security professionals in 140 countries who contribute over 19 million threat indicators daily.


Binary Defense Threat Information Engine

Our proprietary crawler uses machine learning to scrape and correlate information from the Internet, Darknet and Social media to search for keywords and threats specific to your organization.


National Cyber-Forensics and Training Alliance (NCFTA)

A nonprofit between private industry, government, and academia used to identify, mitigate and disrupt cybercrime.


CanCyber Foundation

A nonprofit Canadian Threat Intelligence platform focused on sharing indicators and threats from criminal activity and state-sponsored threats from China, Russia, DPRK, and Iran.


Cryptolaemus Group

A global group of more than 20 security experts dedicated to fighting Emotet malware. They specialize in monitoring botnet control servers, cracking encryption and protocols, and reverse engineering payloads.



Actionable threat intelligence from real attacks witnessed by DFIR honeypots that emulate a vulnerable system or network to attract intruders and study their behavior.




In late February, while tracking a malicious spam campaign from the Qakbot distributor “TR,” Binary Defense’s analysts identified a new version of IcedID being delivered through malicious Word and Excel files. The updated IcedID has a …


Qakbot Upgrades to Stealthier Persistence Method

Qakbot is a versatile banking trojan that until recently, focused primarily on theft of personal information and passwords.  However, following the trend toward ransomware set by Trickbot and other botnet malware families, Qakbot has recently shifted …


EmoCrash: Exploiting a Vulnerability in Emotet Malware for Defense

By: James Quinn Most of the vulnerabilities and exploits that you read about are good news for attackers and bad news for the rest of us. However, it’s important to keep in mind that malware is …