Monthly Reports
Monthly Reports provide a structured review of recent eCrime.ch observations for reporting and briefing workflows.
What Monthly Reports Are For
Section titled “What Monthly Reports Are For”Use monthly reports to:
- summarize ransomware and leak-site activity
- identify notable actors and source changes
- highlight countries and sectors with elevated activity
- review confirmed data leaks and publication evidence
- capture relevant news, vulnerabilities, and intelligence notes
- support internal briefings, customer updates, or recurring threat reports
How to Read a Report
Section titled “How to Read a Report”Treat a monthly report as an analyst-oriented summary, not as a replacement for the live tracker. The tracker and intelligence pages remain the source for the newest event state, while the monthly report gives a time-bounded narrative and highlights.
Good Workflow
Section titled “Good Workflow”- Use the monthly report for the high-level picture.
- Open linked actor, country, sector, or data-leak views for details.
- Use Search to validate names, domains, CVEs, or sectors mentioned in the report.
- Use exports or the API if you need to reproduce the underlying event set.