SafeHorizon newsroom

Initial Access Brokers (IABs) are specialised cybercriminals who access/infiltrate networks and then sell that access to others, therefore acting as brokers of information (and entry points) in the cybercriminal economy.

RansomHouse RaaS now uses multi-layered encryption and double extortion, hitting critical sectors and showing the need for proactive, adaptive cyber defense.

Working with CTI means handling risky data safely, use defanging, secure channels, encryption (PGP/E2EE), OPSEC, proper file handling and sandboxing.

MaaS turns cybercrime into a paid service, letting even low-skill actors launch sophisticated attacks at scale, driving over half of recent malware threats worldwide.

The laundering of money from cybercrime involves a complex network of transfers, and investigators tracking these funds navigate a maze of cryptocurrency transactions and conversions.

Cybercrime has evolved into a complex business ecosystem, where malicious tools and stolen data are sold like services. The lone hacker myth is gone, CaaS now fuels today’s digital crime.

Blockchain poses challenges for law enforcement, offering both anonymity for criminals and full transparency through permanent transaction records. With blockchain analytics, investigators can trace fund flows, link related wallets, and track movements across chains, revealing criminal networks and identifying touchpoints with the traditional financial system.

Ransomware is among today’s most disruptive cyber threats, with cryptocurrency payments enabling attackers to operate globally, quickly, and with relative anonymity.

Phishing kits like Tycoon 2FA bypass traditional MFA at scale, exposing a shift toward Phishing-as-a-Service and the need for stronger authentication.

Cybercriminals adopt new tech faster than regulators. Closing the gap means investing in expertise, AI, and global public–private collaboration.