Skip to content

Monthly Reports

Monthly Reports provide a structured review of recent eCrime.ch observations for reporting and briefing workflows.

Use monthly reports to:

  • summarize ransomware and leak-site activity
  • identify notable actors and source changes
  • highlight countries and sectors with elevated activity
  • review confirmed data leaks and publication evidence
  • capture relevant news, vulnerabilities, and intelligence notes
  • support internal briefings, customer updates, or recurring threat reports

Treat a monthly report as an analyst-oriented summary, not as a replacement for the live tracker. The tracker and intelligence pages remain the source for the newest event state, while the monthly report gives a time-bounded narrative and highlights.

  1. Use the monthly report for the high-level picture.
  2. Open linked actor, country, sector, or data-leak views for details.
  3. Use Search to validate names, domains, CVEs, or sectors mentioned in the report.
  4. Use exports or the API if you need to reproduce the underlying event set.