EclecticIQ Blog

Introducing Intelligence Center 3.7: Faster decisions with clearer context across defense and enterprise

Counting intelligence outputs is simple: volume, velocity, coverage. The real question is this: does your intelligence improve decisions under pressure, with confidence you can defend?

Free TIP Bundles to test, validate, and operationalize threat intelligence faster

You cannot confidently choose threat intelligence integrations and services when you have to commit before you can validate operational impact. That is how you end up with tools that look good on paper, but do not always reduce triage time, improve detection quality, or support response the way you hoped.

Disarming disinformation: How EclecticIQ helps you analyze and track influence operations with the DISARM Framework

Disinformation is no longer just a nuisance. It’s a weapon leveraged by both state and non-state actors. For information operations analysts tracking influence campaigns across elections, national security threats, and coordinated disinformation efforts, the challenge is growing. Whether you work in a government agency, intelligence service, election security organization, or corporate trust and safety team, the tools at your disposal were not built for this fight.

Deduplication, done right: Full control, full context, one entity

Threat intelligence teams deal with a constant influx of data from multiple providers, often describing the same threat actor, malware, or vulnerability in slightly different ways. Instead of speeding up analysis, this duplication adds friction and slows decisions. 

Mission-ready threat intelligence: Aligning with doctrine through Defense TIP

The defense community deserves a threat intelligence platform that speaks its language. With our new Defense TIP mode, EclecticIQ aligns fully with NATO and US military doctrine, eliminating the friction caused by mismatched terminology, structure, and limited interoperability with joint and coalition intelligence workflows. This is a mission-ready capability built to meet the strategic and operational demands of modern defense intelligence.

Europe's Security Capital Deserved Better. So We Got to Work.

Andrew Milne (a.milne@eclecticiq.com)

Last summer, a conversation took place between a group of security professionals from EclecticIQ and Booz Allen Hamilton. The topic was straightforward: The Hague is home to NATO, Europol, the Dutch NCSC, and The Hague Security Delta - the largest security cluster in Europe. It is also home to major global enterprises, financial institutions, and critical national infrastructure that represent some of the most significant concentrations of cyber risk on the continent. By any measure, The Hague is one of the most important security hubs in the world.  

And yet it had no grassroots community event to reflect that status. No accessible, practitioner-led space where the community could come together, share real knowledge, and connect outside of a commercial setting... and notably, no BSides event. 

The question was simple. Why had nobody done this? What followed was equally simple.  

We decided we would. 

We're at Black Hat Europe

December 3, 2025, 10:31

EclecticIQ is proud to sponsor and exhibit at Black Hat Europe 2025, one of the world’s leading cybersecurity and threat intelligence conferences. This year’s event brings more than 3,000 security professionals from over 70 countries to London’s ExCeL for two days of technical briefings, hands-on research, and emerging security insights.

The reality: Bargains bring risk

From Black Friday to Boxing Day, shopping surges and so do cyber scams. Countdown timers and “last chance” offers create urgency that attackers exploit. Every click has consequences if you’re not prepared.

Why no business is immune to cyberattacks

The reality: every organization is a potential target

Cybersecurity is no longer a concern reserved for the world’s largest enterprises or government agencies. In today’s hyperconnected world, every organization — regardless of size, sector, or geography — is a potential target.

EclecticIQ Intelligence Center 3.6: Built for finished intel, custom data modeling, and faster investigations

EclecticIQ Intelligence Center 3.6 isn’t just an update - it’s a leap forward. With smarter finished intelligence reporting, flexible intelligence modelling, and next-level AI features, this release helps cybersecurity teams move faster, work smarter, and deliver more value across the organization. Let’s break down what’s new, what it means, and why it matters.

Extending STIX: How Custom objects empower your intelligence work

In today’s fast-moving threat landscape, your intelligence doesn’t always fit predefined categories. EclecticIQ Intelligence Center 3.6 gives you Custom objects, built on STIX’s extension capability, so you can capture and operationalize intelligence that goes beyond the standard object types. 

EclecticIQ AI Suite levels up: New AI tools to boost your investigations

Magdalena Karwat (m.karwat@eclecticiq.com)

The EclecticIQ AI features have already been helping you work faster and smarter, from using the AI assistant as your on-demand research partner, to querying complex data sets using NLP search, aligning requirements with Intelligence Compass, and extracting key entities with AI entity extraction. With the upcoming 3.6 release of Intelligence Center, we’re expanding the EclecticIQ AI Suite with these productivity-boosting features: Summarization, Content generation with templates, and Translation. These tools are built to help you move faster, go broader, and stay focused on what matters most.

Intelligence reporting, reimagined: A complete reporting experience for CTI teams

For CTI teams, reporting is more than a checkbox - it’s how intelligence becomes action. But outdated tools and workflows often make report creation slow, frustrating, and disconnected from the polished, professional outputs stakeholders expect.

The era of predictive threat intelligence is here

October 3, 2025, 11:28

Cybersecurity has been stuck in reaction mode for too long. Detect, respond, patch, repeat. That cycle isn’t working anymore. Threat actors are moving faster, scaling wider, and using AI to outpace defenders.

Customer Spotlight: Insights from a threat intelligence veteran

In an era of escalating cyber threats and operational complexity, threat intelligence teams are facing unprecedented challenges. From ransomware targeting critical national infrastructure to alert fatigue overwhelming analysts, security leaders are seeking new approaches to make sense of the threat landscape and protect their organizations.

ShinyHunters Calling: Financially Motivated Data Extortion Group Targeting Enterprise Cloud Applications

September 17, 2025, 06:35

Executive Summary

EclecticIQ analysts assess with high confidence that ShinyHunters is expanding its operations by combining AI-enabled voice phishing, supply chain compromises, and the use of malicious insiders, such as employees or contractors, who can provide direct access to enterprise networks.

We're in the top 1%: A personal reflection on our Leading Employer recognition

I'm incredibly proud to share that EclecticIQ has been officially certified as a Leading Employer Netherlands 2025, placing us among the top 1% of employers in the Netherlands. Having joined the company about a year ago, this recognition validates what drew me here in the first place and what I've experienced firsthand: our people truly are our greatest asset.

GLOBAL GROUP: Emerging Ransomware-as-a-Service, supporting AI driven negotiation and mobile control panel for their affiliates

July 15, 2025, 03:16

Executive summary

On June 2, 2025, EclecticIQ analysts observed the emergence of GLOBAL GROUP, a new Ransomware-as-a-Service (RaaS) brand promoted on the Ramp4u forum by the threat actor known as “$$$”. The same actor controls the BlackLock RaaS [1] and previously managed Mamona [2] ransomware operations. GLOBAL GROUP targets a wide range of sectors across the United States and Europe.

EclecticIQ assesses with medium confidence that GLOBAL GROUP was likely established as a rebranding of the BlackLock RaaS operation. This rebranding aims to rebuild trust and expand the affiliate network by giving 80% of extorted ransom money to affiliates. 

Pakistan Telecommunication Company (PTCL) Targeted by Bitter APT During Heightened Regional Conflict

Executive Summary

On May 7, 2025, during the active military escalation between Pakistan and India (specifically in the context of India's military campaign 'Operation Sindoor'), EclecticIQ analysts observed that Bitter APT (also known as TA397) [1] very likely targeted Pakistan Telecommunication Company Limited (PTCL) workers [2] in a spear phishing campaign very likely intended to deliver malware. Analysts assess that Bitter APT is very likely a South Asian state-sponsored actor conducting cyber-enabled espionage operations by stealing state and trade secrets.

China-Nexus Threat Actor Actively Exploiting Ivanti Endpoint Manager Mobile (CVE-2025-4428) Vulnerability

May 21, 2025, 12:08

Executive Summary 

On Thursday, May 15, 2025, Ivanti disclosed two critical vulnerabilities - CVE-2025-4427 and CVE-2025-4428 - affecting Ivanti Endpoint Manager Mobile (EPMM) version 12.5.0.0 and earlier. [1] These vulnerabilities can be chained to achieve unauthenticated remote code execution (RCE) on exposed systems.  
