Zservers: Bulletproof hosting for online crime
Russia-based bulletproof hosting service Zservers was exposed and hit with sanctions. But there are signs it may not have been permanently disrupted.

Update: Black Basta Ransomware and Threat Group
A significant leak of internal chat logs from within the Black Basta ransomware group has provided the community with a glimpse into their operations, including further information regarding their capabilities, tools and motivati...

Black Basta exposed: A look at a cybercrime data leak
Black Basta suffered a leak of 197,000 internal chat messages, which has exposed critical details about how this damaging ransomware gang operated, including how its top member claims to have eluded law enforcement.

The evolution of Russian cybercrime
In this Studio 471, Roman Sannikov, Founder of Constellation Cyber, shares his insight into the Russian cybercriminal landscape, the evolution of online crime and what lies ahead with ransomware.

BadPilot Campaign
The subgroup conducting BadPilot has been observed exploiting known vulnerabilities, such as CVE-2024-1709 (ConnectWise ScreenConnect) and CVE-2023-48788 (Fortinet FortiClient EMS), as well as abusing remote access tool...

Android trojan TgToxic updates its capabilities
Intel 471 mobile malware researchers recently discovered a campaign leveraging an updated version of TgToxic, an Android banking trojan. Here's an in-depth look at this malware.

Threat hunting case study: SocGholish
SocGholish is a malware campaign that spreads via hacked web pages. This is a guide to detecting infections by searching SIEMs and logging systems for attacker behaviors.

DeepSeek AI poses cybersecurity risks
China-based DeepSeek has upended notions about AI development and prompted security concerns. Here is a briefing on DeepSeek and how cybercriminals are viewing its development.

Law enforcement hammered cybercrime in 2024. Is it working?
In 2024, authorities took aim at ransomware gangs, malware developers, cybercriminal infrastructure and cryptocurrency thieves. Here's a look at the effects of these operations.

How threat actors are using artificial intelligence
Artificial intelligence is a red-hot mess, filled with contradictory predictions over whether it will bring vast benefits. In this Studio 471, Ashley Jess shares her insight into how AI will shape the threat landscape.