RHC Conference 2025: Un anno di DarkLab, tra Intelligence e Threat Actors

Overview

At the Red Hot Cyber Conference 2025, I delivered the speech “Un anno di DarkLab. Tra Intelligence e Threat Actors”.

The talk presented the evolution of DarkLab as a threat intelligence initiative, with a focus on how structured research, open-source intelligence, and dark web monitoring can support the analysis of modern cybercriminal ecosystems.

Main Themes

The session focused on several areas of work developed during the first year of DarkLab:

• tracking threat actors and ransomware groups;
• monitoring data leak sites and underground sources;
• interpreting public disclosures as intelligence signals;
• correlating technical indicators with actor behavior;
• transforming raw observations into useful analytical outputs.

Particular attention was given to the importance of context. Indicators alone are rarely sufficient: they must be interpreted within a broader operational and strategic picture that includes actor intent, infrastructure reuse, victimology, and ecosystem dynamics.

Why It Matters

Threat intelligence is not simply a collection of feeds or technical artifacts. It is an analytical discipline that requires method, validation, and continuous interpretation. DarkLab was created to contribute to this process by connecting community research, technical investigation, and field experience.

Event

Red Hot Cyber Conference 2025
Speech: Un anno di DarkLab. Tra Intelligence e Threat Actors