Blog: Stay Ahead of Cyber Threats | Intel471

Intel 471 Blog

Cutting edge threat intelligence and research

Building Capable Threat Intelligence Programs
Threat Intelligence// Feb 21, 2024

It's possible to build effective cyber threat intelligence programs with smaller teams, but stakeholder buy-in is important. John Fokker of Trellix describes how security teams can improve their CTI programs.

What Lies Ahead After LockBit’s Disruption?
Cybercriminals// Malicious Actors// Feb 20, 2024

The No. 1 ransomware group, LockBit, saw its entire infrastructure seized by law enforcement. We review the origins of LockBit, why this group rose in prominence and if this action means the end of the gang.

How Discord is Abused for Cybercrime
Threat Intelligence// Feb 13, 2024

Discord is one of many spaces online where threat actors find each other, exchange information and hone their techniques. This report explores the rise of young hacker communities on Discord and the security implications.

Cybercrime Exposed Podcast: Botnet Breakup
Threat Intelligence// Feb 06, 2024

The Qakbot or QBot botnet was used by cybercriminal gangs to infiltrate computers, steal their data, conduct financial crime and deploy ransomware. But in 2023, law enforcement hacked the hackers. Here's the story.

Medibank’s Attacker: IT Businessman, Claimed Psychologist and Alleged Cybercriminal
Cybercriminals// Malicious Actors// Jan 24, 2024

Australia has accused Aleksander Ermakov of one of the country's largest data breach and extortion attacks. Intel 471 has compiled a deep profile of Ermakov and his long-known links to cybercrime.

Testing the Efficacy of Security Software
Threat Intelligence// Jan 24, 2024

In this edition of Studio 471, Simon Edwards of SE Labs walks through how his company tests security products based on the cyber kill chain and MITRE ATT&CK.

Bulletproof Hosting: A Critical Cybercriminal Service
Cybercriminals// Malicious Actors// Jan 22, 2024

Cybercriminals use "bulletproof" hosting in order to keep malware and phishing pages online longer. Here's why this is a sought-after service, some significant providers and how to defend against it.

Mitigate Supply Chain Risk with Cyber Threat Intelligence
Threat Intelligence// Jan 16, 2024

Attackers increasingly are capitalizing on risks that come from supply chains. Cyber resilience is dependent not only on the strength of an organization’s own planning and defenses, but also that of its partners.

Cybercrime Exposed Podcast: The Xbox One Hack
Cybercriminals// Malicious Actors// Jan 09, 2024

Arman Sadri was a gaming hacker. But he didn’t recognize when he’d gone too deep. His life unraveled, and the FBI wasn’t far behind. His years-long dalliance on the edge led him to a place from which he’s still recovering.

Looking Ahead: Cybersecurity Challenges in 2024
Threat Intelligence// Jan 07, 2024

This post provides an overview of some of the significant trends over the last year in the criminal underground and cybersecurity with a view as to what’s ahead in 2024.