Blog: Stay Ahead of Cyber Threats | Intel 471 Skip to content
Resources

Intel 471 Blog

Cutting edge threat intelligence and research

Homepage Hero
Holiday Season Cyber Threats (Part 1): Phishing, Fake Shops and Bogus Bookings
Threat Intelligence// Dec 06, 2024

Holiday Season Cyber Threats (Part 1): Phishing, Fake Shops and Bogus Bookings

The holiday season is here. It’s a time for reuniting with family and friends, travel and gift-giving. It’s also a prime time for cybercrime as millions of consumers head to online checkouts on Black Friday, Cyber Monday, Giv...

Cybercrime Exposed Podcast: Raccoon Stealer
Cybercriminals// Malicious Actors// Dec 05, 2024

Cybercrime Exposed Podcast: Raccoon Stealer

Information stealing malware is one of the most common ways that organizations end up infiltrated by malicious hackers. For several years, one type of infostealer called Raccoon Stealer ruled them all.

Using CTI in Realistic Attack Simulations
Security Operations// Nov 26, 2024

Using CTI in Realistic Attack Simulations

Australia holds regular exercises to test the cyber resiliency of the financial services sector. In this Studio 471, two experts from the cybersecurity consultancy CyberCX discuss how these exercises are developed using cyber...

A Look at Trending Chinese APT Techniques
Cybercriminals// Malicious Actors// Nov 18, 2024

A Look at Trending Chinese APT Techniques

Cyber capabilities play a key role in achieving China’s strategic goals. Here's a look at significant state-sponsored actors, which are adopting stealthy techniques to avoid their campaigns being linked to Beijing.

Threat Hunting Case Study: Uncovering Turla
Threat Hunting// Nov 11, 2024

Threat Hunting Case Study: Uncovering Turla

Adversaries try to hide malicious components by renaming them as legitimate Windows binaries. This technique has been used by the Turla threat actor group and others. Here's how to threat hunt for this behavior.

How to Defend Against Alleged Snowflake Attacker ‘Judische’
Cybercriminals// Malicious Actors// Nov 05, 2024

How to Defend Against Alleged Snowflake Attacker ‘Judische’

The threat actor behind the compromise of more than 165 organizations using Snowflake credentials stolen by infostealers has reportedly been detained. Here's a profile of the Com-related threat actor "Judische."

RedLine and Meta: The Story of Two Disrupted Infostealers
Cybercriminals// Malicious Actors// Oct 30, 2024

RedLine and Meta: The Story of Two Disrupted Infostealers

The RedLine infostealer's infrastructure is offline and its alleged creator charged. But RedLine's activity continues. Here's a deep dive into this infostealer operation and the effects of a law enforcement disruption.

Fog Ransomware
Emerging Threats// Oct 30, 2024

Fog Ransomware

A Halloween Story: 10 Cyber Ghouls We Eyeballed In Q3 2024
Threat Intelligence// Oct 29, 2024

A Halloween Story: 10 Cyber Ghouls We Eyeballed In Q3 2024

In the third quarter of 2024, ransomware remained one of the most impactful threats to all sectors. Defenders were faced with a record number of vulnerabilities as nation-state actors, money lusting cybercriminals, and hackti...

Elections 2024: Pink Slime Journalism Overtaking Local News?
Threat Intelligence// Oct 24, 2024

Elections 2024: Pink Slime Journalism Overtaking Local News?

“Pink slime” news sites peddling politically biased stories and misinformation are filling an information void left by a US local news industry in rapid decline. What can be done to protect consumers and the integrity of onli...