Intel471 https://intel471.com/ en-US Sat, 21 Dec 2024 03:21:10 -0500

Bring Your Own Hunts to HUNTER471 https://intel471.com/blog/bring-your-own-hunts-to-hunter471 Wed, 18 Dec 2024 15:49:00 -0500 Haylee Hewlett
Collecting Useful CTI from Underground Markets https://intel471.com/blog/collecting-useful-cti-from-underground-markets Tue, 17 Dec 2024 20:00:00 -0500 Haylee Hewlett
‘Tis the Season to Be Alert for Cyber Threats: 5 Unjoyful Holiday Tactics https://intel471.com/blog/tis-the-season-to-be-alert-for-cyber-threats-5-unjoyful-holiday-tactics Tue, 17 Dec 2024 11:33:00 -0500 Haylee Hewlett
Expanding source coverage: adding Signal chats to threat intelligence https://intel471.com/blog/expanding-source-coverage-adding-signal-chats-to-threat-intelligence Mon, 16 Dec 2024 13:05:00 -0500 Haylee Hewlett
Threat hunting case study: Cozy Bear https://intel471.com/blog/threat-hunting-case-study-cozy-bear Wed, 11 Dec 2024 17:43:00 -0500 Jeremy Kirk
Holiday Season Cyber Threats (Part 2): Ransomware, Gift Cards, and Point-of-Sale breaches https://intel471.com/blog/holiday-season-cyber-threats-part-2-ransomware-gift-cards-and-point-of-sale-breaches Tue, 10 Dec 2024 12:35:00 -0500 Haylee Hewlett
Holiday Season Cyber Threats (Part 1): Phishing, Fake Shops and Bogus Bookings https://intel471.com/blog/holiday-season-cyber-threats-part-1-phishing-fake-shops-and-bogus-bookings Fri, 06 Dec 2024 13:26:00 -0500 Haylee Hewlett
Cybercrime Exposed Podcast: Raccoon Stealer https://intel471.com/blog/cybercrime-exposed-podcast-raccoon-stealer Thu, 05 Dec 2024 09:37:00 -0500 Haylee Hewlett
Using CTI in Realistic Attack Simulations https://intel471.com/blog/using-cti-in-realistic-attack-simulations Tue, 26 Nov 2024 21:17:00 -0500 Haylee Hewlett
A Look at Trending Chinese APT Techniques https://intel471.com/blog/a-look-at-trending-chinese-apt-techniques Mon, 18 Nov 2024 23:36:00 -0500 Jeremy Kirk
Threat Hunting Case Study: Uncovering Turla https://intel471.com/blog/threat-hunting-case-study-uncovering-turla Mon, 11 Nov 2024 18:14:00 -0500 Jeremy Kirk
How to Defend Against Alleged Snowflake Attacker ‘Judische’ https://intel471.com/blog/how-to-defend-against-alleged-snowflake-attacker-judische Tue, 05 Nov 2024 02:08:00 -0500 Jeremy Kirk
RedLine and Meta: The Story of Two Disrupted Infostealers https://intel471.com/blog/redline-and-meta-the-story-of-two-disrupted-infostealers Wed, 30 Oct 2024 18:08:00 -0400 Jeremy Kirk
Fog Ransomware https://intel471.com/blog/fog-ransomware Wed, 30 Oct 2024 00:00:00 -0400 Elizabeth Holmes
A Halloween Story: 10 Cyber Ghouls We Eyeballed In Q3 2024 https://intel471.com/blog/a-halloween-story-10-cyber-ghouls-we-eyeballed-in-q3-2024 Tue, 29 Oct 2024 10:00:00 -0400 Haylee Hewlett
Elections 2024: Pink Slime Journalism Overtaking Local News? https://intel471.com/blog/elections-2024-pink-slime-journalism-overtaking-local-news Thu, 24 Oct 2024 11:00:00 -0400 Haylee Hewlett
Will Processing CTI Become Legally Risky? https://intel471.com/blog/will-processing-cti-become-legally-risky Tue, 22 Oct 2024 20:12:00 -0400 Haylee Hewlett
Salt Typhoon Threat Group https://intel471.com/blog/salt-typhoon-threat-group Wed, 16 Oct 2024 00:00:00 -0400 Elizabeth Holmes
Bumblebee Loader https://intel471.com/blog/bumblebee-loader-2 Tue, 15 Oct 2024 00:00:00 -0400 Elizabeth Holmes
How Adversaries Try to Interfere with the U.S. Election https://intel471.com/blog/how-adversaries-try-to-interfere-with-the-u-s-election Mon, 14 Oct 2024 21:49:00 -0400 Jeremy Kirk
Is your organisation ready for NIS2? https://intel471.com/blog/is-your-organisation-ready-for-nis2 Mon, 14 Oct 2024 02:00:00 -0400 Haylee Hewlett
To Deliver Malware, Attackers Use the Phone https://intel471.com/blog/to-deliver-malware-attackers-use-the-phone Tue, 08 Oct 2024 20:15:00 -0400 Jeremy Kirk
Cybersecurity Is Every Employees’ Responsibility https://intel471.com/blog/cybersecurity-is-every-employees-responsibility Thu, 03 Oct 2024 07:00:00 -0400 Haylee Hewlett
Are Telegram's New Policies Spooking Cybercriminals? https://intel471.com/blog/are-telegrams-new-policies-spooking-cybercriminals Tue, 01 Oct 2024 21:34:00 -0400 Jeremy Kirk
Detecting Malware Abusing Google for Command-and-Control https://intel471.com/blog/detecting-malware-abusing-google-for-c2 Tue, 01 Oct 2024 01:12:00 -0400 Jeremy Kirk
Intel 471 Earns Frost & Sullivan’s 2024 Enabling Technology Leadership Award https://intel471.com/blog/intel-471-earns-frost-sullivans-2024-enabling-technology-leadership-award Wed, 25 Sep 2024 18:06:00 -0400 Haylee Hewlett
Why Russia is a Hotbed of Cybercrime https://intel471.com/blog/why-russia-is-a-hotbed-of-cybercrime Tue, 24 Sep 2024 17:09:00 -0400 Haylee Hewlett
A Look at the Residential Proxy Market https://intel471.com/blog/a-look-at-the-residential-proxy-market Mon, 16 Sep 2024 22:24:00 -0400 Jeremy Kirk
Threat Hunting Case Study: Uncovering FIN7 https://intel471.com/blog/threat-hunting-case-study-uncovering-fin7 Tue, 10 Sep 2024 00:29:00 -0400 Jeremy Kirk
Hunting for RansomHub and Antivirus Killers https://intel471.com/blog/hunting-for-ransomhub-and-antivirus-killers Mon, 09 Sep 2024 13:30:00 -0400 Haylee Hewlett
INC Ransomware https://intel471.com/blog/inc-ransomware Thu, 05 Sep 2024 00:00:00 -0400 Elizabeth Holmes
A Briefing on Malware Crypting Services https://intel471.com/blog/a-briefing-on-malware-crypting-services Wed, 04 Sep 2024 19:35:00 -0400 Jeremy Kirk
France vs. Telegram: What Does it Mean for Cybercrime? https://intel471.com/blog/france-vs-telegram-what-does-it-mean-for-cybercrime Wed, 28 Aug 2024 19:02:00 -0400 Jeremy Kirk
How to Comfortably Share Threat Intel with ISACs https://intel471.com/blog/how-to-comfortably-share-threat-intel-with-isacs Tue, 27 Aug 2024 15:06:00 -0400 Haylee Hewlett
RansomHub Ransomware https://intel471.com/blog/ransomhub-ransomware Sat, 24 Aug 2024 00:00:00 -0400 Elizabeth Holmes
Threat Hunting Case Study: Tracking Down GootLoader https://intel471.com/blog/threat-hunting-case-study-tracking-down-gootloader Tue, 20 Aug 2024 19:04:00 -0400 Jeremy Kirk
Intel 471 makes industry-leading announcements at Black Hat USA 2024 https://intel471.com/blog/intel-471-leads-the-industry-at-black-hat-2024-with-cti-maturity-model-and-intelligence-driven-threat-hunting Tue, 20 Aug 2024 17:09:00 -0400 Haylee Hewlett
Cybercrime Exposed Podcast: Tank https://intel471.com/blog/cybercrime-exposed-podcast-tank Mon, 19 Aug 2024 23:40:00 -0400 Haylee Hewlett
Lumma Infostealer Malware https://intel471.com/blog/lumma-infostealer-malware Thu, 15 Aug 2024 00:00:00 -0400 Elizabeth Holmes
MacOS is Increasingly Targeted by Threat Actors https://intel471.com/blog/macos-is-increasingly-targeted-by-threat-actors Mon, 12 Aug 2024 20:24:00 -0400 Jeremy Kirk
Threat Actors Target Gift Card Issuing Systems https://intel471.com/blog/threat-actors-target-gift-card-issuing-systems Tue, 06 Aug 2024 21:50:00 -0400 Jeremy Kirk
Introducing the CTI Capability Maturity Model, a resource for measuring and building mature CTI programs https://intel471.com/blog/introducing-the-cti-capability-maturity-model-a-resource-for-measuring-and-building-mature-cti-programs Mon, 05 Aug 2024 06:00:00 -0400 Haylee Hewlett
BlankBot - a new Android banking trojan with screen recording, keylogging and remote control capabilities https://intel471.com/blog/blankbot-a-new-android-banking-trojan-with-screen-recording-keylogging-and-remote-control-capabilities Thu, 01 Aug 2024 13:26:00 -0400 Haylee Hewlett
How Cyber Insurance is Reducing Risk https://intel471.com/blog/how-cyber-insurance-is-reducing-risk Wed, 31 Jul 2024 12:40:00 -0400 Haylee Hewlett
Intel 471 Cyber Geopolitical Intelligence: Making the connection between geopolitics and cybersecurity threats https://intel471.com/blog/intel-471-cyber-geopolitical-intelligence-making-the-connection-between-geopolitics-and-cybersecurity-threats Wed, 31 Jul 2024 05:00:00 -0400 Haylee Hewlett
Threat Hunting Case Study: Looking for Volt Typhoon https://intel471.com/blog/threat-hunting-case-study-looking-for-volt-typhoon Mon, 22 Jul 2024 02:11:00 -0400 Jeremy Kirk
BreachForums Saga Continues. What’s Next? https://intel471.com/blog/breachforums-saga-continues-whats-next Thu, 18 Jul 2024 08:00:00 -0400 Jeremy Kirk
Cyber Threat Landscape: 2024 Paris Olympic Games https://intel471.com/blog/cyber-threat-landscape-2024-paris-olympic-games Mon, 15 Jul 2024 19:32:00 -0400 Jeremy Kirk
Assessing the Disruptions of Ransomware Gangs https://intel471.com/blog/assessing-the-disruptions-of-ransomware-gangs Mon, 01 Jul 2024 08:00:00 -0400 Jeremy Kirk
What Can We Learn from Ransomware Attacks https://intel471.com/blog/what-can-we-learn-from-ransomware-attacks Tue, 25 Jun 2024 13:12:00 -0400 Haylee Hewlett
Spectre RAT https://intel471.com/blog/spectra-rat Fri, 21 Jun 2024 12:00:00 -0400 Haylee Hewlett
Hunting for Credential Theft - Identify When an InfoStealer May be Stealing Sensitive Access https://intel471.com/blog/credential-theft Fri, 21 Jun 2024 10:30:37 -0400 Haylee Hewlett
Threat Hunting Case Study: Looking for Evil Corp https://intel471.com/blog/threat-hunting-case-study-looking-for-evil-corp Tue, 18 Jun 2024 08:00:00 -0400 Jeremy Kirk
Cybercriminals and AI: Not Just Better Phishing https://intel471.com/blog/cybercriminals-and-ai-not-just-better-phishing Wed, 12 Jun 2024 08:00:00 -0400 Jeremy Kirk
BlackSuit Ransomware https://intel471.com/blog/blacksuit-ransomware-2 Mon, 10 Jun 2024 00:00:00 -0400 Elizabeth Holmes
Introducing 471 Attack Surface Protection for intelligence-led business operations https://intel471.com/blog/introducing-471-attack-surface-protection-for-intelligence-led-business-operations Wed, 05 Jun 2024 05:00:00 -0400 Haylee Hewlett
What the Biggest-Ever Botnet Takedown Means https://intel471.com/blog/what-the-biggest-ever-botnet-takedown-means Fri, 31 May 2024 19:55:00 -0400 Jeremy Kirk
DarkGate Malware https://intel471.com/blog/darkgate-malware Thu, 30 May 2024 15:50:11 -0400 Haylee Hewlett
MITRE ATT&CK Looks at Cybercrime Techniques https://intel471.com/blog/mitre-attack-looks-at-cybercrime-techniques Wed, 29 May 2024 22:55:00 -0400 Haylee Hewlett
Intel 471 Drives Innovation at RSA Conference 2024 with Intelligence-Led Threat Hunting https://intel471.com/blog/intel-471-drives-innovation-at-rsa-conference-2024-with-intelligence-led-threat-hunting Wed, 22 May 2024 00:00:00 -0400 Haylee Hewlett
GootLoader Malware https://intel471.com/blog/gootloader-malware Tue, 21 May 2024 14:54:04 -0400 Haylee Hewlett
Black Basta Ransomware and Threat Group https://intel471.com/blog/black-basta-ransomware-and-threat-group Wed, 15 May 2024 14:16:00 -0400 Haylee Hewlett
Alleged LockBit Ransomware Gang Leader Named https://intel471.com/blog/alleged-lockbit-ransomware-gang-leader-named Tue, 07 May 2024 18:03:00 -0400 Jeremy Kirk
Exploits, Access, Extortion: Know Your Enemy in 2024 and Beyond https://intel471.com/blog/arm-yourself-with-the-intel-471-cyber-threat-report-2024 Mon, 06 May 2024 06:00:00 -0400 Haylee Hewlett
Intel 471 Sets New Standard in Intelligence-Driven Threat Hunting https://intel471.com/blog/intel-471-sets-new-standard-in-intelligence-driven-threat-hunting Wed, 01 May 2024 05:00:00 -0400 Haylee Hewlett
A Briefing on SIM Hijacking https://intel471.com/blog/a-briefing-on-sim-hijacking Thu, 25 Apr 2024 06:00:00 -0400 Jeremy Kirk
Combatting Deepfakes in the Year of AI Elections https://intel471.com/blog/combatting-deepfakes-in-the-year-of-ai-elections Tue, 23 Apr 2024 08:00:00 -0400 Haylee Hewlett
CVE-2024-3400 - Palo Alto OS Command Injection Vulnerability https://intel471.com/blog/cve-2024-3400-palo-alto-os-command-injection-vulnerability Thu, 18 Apr 2024 13:49:00 -0400 Haylee Hewlett
Can Deepfakes Bypass Online ID Verifications? https://intel471.com/blog/can-deepfakes-bypass-online-id-verifications Wed, 17 Apr 2024 08:00:00 -0400 Jeremy Kirk
How Cybercriminals Exploit the Hospitality Industry https://intel471.com/blog/how-cybercriminals-exploit-the-hospitality-industry Thu, 11 Apr 2024 08:00:00 -0400 Jeremy Kirk
Speed and Insight: Intel 471’s Data Leak Blogs Enhancement https://intel471.com/blog/speed-and-insight-intel-471s-data-leak-blogs-enhancement Wed, 10 Apr 2024 05:00:00 -0400 Haylee Hewlett
Targeted Phishing Linked to 'The Com' Surges https://intel471.com/blog/targeted-phishing-linked-to-the-com-surges Tue, 02 Apr 2024 18:40:00 -0400 Jeremy Kirk
Vulnerabilities Year-in-Review: 2023 https://intel471.com/blog/vulnerabilities-year-in-review-2023 Wed, 27 Mar 2024 13:26:00 -0400 Jeremy Kirk
Intel 471 Products Meet Evolving Cyber Threat Landscape https://intel471.com/blog/intel-471-products-meet-evolving-cyber-threat-landscape Thu, 21 Mar 2024 00:30:00 -0400 Haylee Hewlett
Countering Cyber Extortion and Hacktivism https://intel471.com/blog/countering-cyber-extortion-and-hacktivism Wed, 20 Mar 2024 15:35:00 -0400 Haylee Hewlett
Volt Typhoon: Advisory Update https://intel471.com/blog/volt-typhoon-advisory-update Wed, 20 Mar 2024 13:37:33 -0400 Haylee Hewlett
Threat-Informed Defense through Behavioral Threat Hunting https://intel471.com/blog/threat-informed-defense-through-behavioral-threat-hunting Wed, 13 Mar 2024 07:26:45 -0400 Haylee Hewlett
Phobos Unleashed: Navigating the Maze of Ransomware's Ever-Evolving Threat https://intel471.com/blog/phobos-unleashed-navigating-the-maze-of-ransomwares-ever-evolving-threat Mon, 11 Mar 2024 12:10:30 -0400 Haylee Hewlett
Cybercrime Exposed Podcast: Crypto Heist https://intel471.com/blog/cybercrime-exposed-podcast-crypto-heist Tue, 05 Mar 2024 18:43:00 -0500 Haylee Hewlett
DarkCasino Strikes: Unveiling the Cyber Shadows of Water Hydra https://intel471.com/blog/darkcasino-strikes-unveiling-the-cyber-shadows-of-water-hydra Thu, 29 Feb 2024 12:27:59 -0500 Haylee Hewlett
Building Capable Threat Intelligence Programs https://intel471.com/blog/building-capable-threat-intelligence-programs Wed, 21 Feb 2024 12:54:00 -0500 Haylee Hewlett
MonikerLink: Outlook's Achilles' Heel, Navigating the Perilous Waters of CVE-2024-21413 https://intel471.com/blog/monikerlink-outlooks-achilles-heel-navigating-the-perilous-waters-of-cve-2024-21413 Wed, 21 Feb 2024 12:29:59 -0500 Haylee Hewlett
What Lies Ahead After LockBit’s Disruption? https://intel471.com/blog/what-lies-ahead-after-lockbits-disruption Tue, 20 Feb 2024 10:44:00 -0500 Haylee Hewlett
How Discord is Abused for Cybercrime https://intel471.com/blog/how-discord-is-abused-for-cybercrime Tue, 13 Feb 2024 00:00:00 -0500 Jeremy Kirk
Cybercrime Exposed Podcast: Botnet Breakup https://intel471.com/blog/cybercrime-exposed-podcast-botnet-breakup Tue, 06 Feb 2024 13:04:00 -0500 Haylee Hewlett
Medibank’s Attacker: IT Businessman, Claimed Psychologist and Alleged Cybercriminal https://intel471.com/blog/medibanks-attacker-it-businessman-claimed-psychologist-and-alleged-cybercriminal Wed, 24 Jan 2024 22:25:00 -0500 Jeremy Kirk
Testing the Efficacy of Security Software https://intel471.com/blog/testing-the-efficacy-of-security-software Wed, 24 Jan 2024 01:17:00 -0500 Haylee Hewlett
Bulletproof Hosting: A Critical Cybercriminal Service https://intel471.com/blog/bulletproof-hosting-a-critical-cybercriminal-service Mon, 22 Jan 2024 18:24:00 -0500 Jeremy Kirk
Why Behavioral Threat Hunting is the Big Thing for Cybersecurity in 2024 https://intel471.com/blog/why-behavioral-threat-hunting-is-the-big-thing-for-cybersecurity-in-2024 Wed, 17 Jan 2024 10:38:18 -0500 Haylee Hewlett
Mitigate Supply Chain Risk with Cyber Threat Intelligence https://intel471.com/blog/mitigate-supply-chain-risk-with-cyber-threat-intelligence Tue, 16 Jan 2024 17:47:00 -0500 Haylee Hewlett
Cybercrime Exposed Podcast: The Xbox One Hack https://intel471.com/blog/cybercrime-exposed-podcast-the-xbox-one-hack Tue, 09 Jan 2024 18:26:00 -0500 Haylee Hewlett
Looking Ahead: Cybersecurity Challenges in 2024 https://intel471.com/blog/looking-ahead-cybersecurity-challenges-in-2024 Sun, 07 Jan 2024 17:25:00 -0500 Haylee Hewlett
Four Benefits of Cyber Threat Intelligence - Kick-Start the New Year with Intel 471 https://intel471.com/blog/four-benefits-of-cyber-threat-intelligence Tue, 02 Jan 2024 17:05:00 -0500 Haylee Hewlett
The Imperative Role of Threat Hunting in Exposure Management https://intel471.com/blog/the-imperative-role-of-threat-hunting-in-exposure-management Thu, 14 Dec 2023 10:30:15 -0500 Haylee Hewlett
Vulnerability Management and Patching: Outrunning Attackers https://intel471.com/blog/vulnerability-management-and-patching-outrunning-attackers Wed, 13 Dec 2023 09:00:00 -0500 Haylee Hewlett
Prioritization in Cybersecurity: Navigating the Content Revolution https://intel471.com/blog/prioritization-in-cybersecurity-navigating-the-content-revolution Wed, 06 Dec 2023 10:34:03 -0500 Haylee Hewlett
BlueSky: Understanding and Combating the Ransomware Threat https://intel471.com/blog/understanding-and-combating-the-bluesky-ransomware-threat Wed, 06 Dec 2023 09:22:40 -0500 Haylee Hewlett
Cybercrime Exposed Podcast: Social Engineering https://intel471.com/blog/cybercrime-exposed-podcast-social-engineering Wed, 06 Dec 2023 01:00:00 -0500 Haylee Hewlett
Balancing Act: How AI/ML Can Both Aid and Obstruct Threat Hunting https://intel471.com/blog/balancing-act-how-ai-ml-can-both-aid-and-obstruct-threat-hunting Tue, 05 Dec 2023 09:42:22 -0500 Haylee Hewlett
Deck the Halls with Caution: Four Festive Cyber Threats to Look Out for This Season https://intel471.com/blog/deck-the-halls-with-caution-four-festive-cyber-threats-to-look-out-for-this-season Tue, 05 Dec 2023 00:00:00 -0500 Haylee Hewlett
Mandiant’s CTO: A Bad Year for Ransomware and Extortion https://intel471.com/blog/mandiants-cto-a-bad-year-for-ransomware-and-extortion Tue, 28 Nov 2023 17:48:00 -0500 Haylee Hewlett
Actor yalishanda: A snapshot of a prolific bulletproof hoster https://intel471.com/blog/actor-yalishanda-a-snapshot-of-a-prolific-bulletproof-hoster Mon, 20 Nov 2023 13:03:00 -0500 Haylee Hewlett
Malaysian Police Disrupt ‘The Phisherman’ https://intel471.com/blog/malaysian-police-disrupt-the-phisherman Thu, 09 Nov 2023 17:15:00 -0500 Jeremy Kirk
Cybercrime Exposed Podcast: The Extortionists https://intel471.com/blog/cybercrime-exposed-podcast-the-extortionists Tue, 07 Nov 2023 20:03:00 -0500 Haylee Hewlett
CVE-2023-4966 in Citrix NetScaler: Navigating the Storm https://intel471.com/blog/navigating-the-storm-safeguarding-against-cve-2023-4966-in-citrix-netscaler Tue, 07 Nov 2023 09:26:04 -0500 Haylee Hewlett
High Alert: Unraveling the CVE-2023-20198 Threat in Cisco IOS XE https://intel471.com/blog/high-alert-unraveling-the-cve-2023-20198-threat-in-cisco-ios-xe Wed, 01 Nov 2023 10:34:25 -0400 Haylee Hewlett
Phishing Emails Abusing QR Codes Surge https://intel471.com/blog/phishing-emails-abusing-qr-codes-surge Tue, 31 Oct 2023 19:53:00 -0400 Jeremy Kirk
A Halloween Story: the 10 Scariest Cyber Threat Stats from Q3 https://intel471.com/blog/a-halloween-story-the-10-scariest-cyber-threat-stats-from-q3 Mon, 30 Oct 2023 00:00:00 -0400 Haylee Hewlett
Should Ransom Payments Be Made Illegal? https://intel471.com/blog/should-ransom-payments-be-made-illegal Tue, 24 Oct 2023 21:30:00 -0400 Haylee Hewlett
Detecting and Stopping Malicious Traffic https://intel471.com/blog/detecting-and-stopping-malicious-traffic Wed, 18 Oct 2023 18:50:00 -0400 Jeremy Kirk
Proactively Threat Hunting in the Cloud: Why It's Essential https://intel471.com/blog/proactively-threat-hunting-in-the-cloud-why-its-essential Mon, 16 Oct 2023 09:23:52 -0400 Haylee Hewlett
Cybercrime Exposed Podcast: The Phisherman https://intel471.com/blog/cybercrime-exposed-podcast-the-phisherman Tue, 10 Oct 2023 19:59:00 -0400 Haylee Hewlett
Managed File Transfer Software: Assessing the Risks https://intel471.com/blog/managed-file-transfer-software-assessing-the-risks Tue, 03 Oct 2023 18:51:00 -0400 Jeremy Kirk
Why Ransomware is Stubbornly Sticking Around https://intel471.com/blog/why-ransomware-is-stubbornly-sticking-around Tue, 26 Sep 2023 05:00:00 -0400 Haylee Hewlett
Jason Passwaters, Intel 471: "the goal in using threat intelligence is to obtain actionable information and insight" https://intel471.com/blog/jason-passwaters-intel-471-using-threat-intelligence-to-obtain-actionable-information-and-insight Mon, 18 Sep 2023 19:44:00 -0400 Haylee Hewlett
Bumblebee Loader Resurfaces in New Campaign https://intel471.com/blog/bumblebee-loader-resurfaces-in-new-campaign Fri, 15 Sep 2023 19:26:00 -0400 Jeremy Kirk
Navigating the Web of Scattered Spider: Understanding the Threat Landscape https://intel471.com/blog/navigating-the-web-of-scattered-spider-understanding-the-threat-landscape Fri, 15 Sep 2023 10:43:43 -0400 Haylee Hewlett
Reducing Risk with Third-Party Attack Surface Monitoring https://intel471.com/blog/reducing-risk-with-third-party-attack-surface-monitoring Wed, 13 Sep 2023 21:17:00 -0400 Jeremy Kirk
More Alleged Trickbot and Conti Gang Members Sanctioned, Charged https://intel471.com/blog/more-trickbot-and-conti-gang-members-sanctioned-charged Fri, 08 Sep 2023 02:35:00 -0400 Jeremy Kirk
Threat Intelligence: The Pulsing Heart of Behavioral Threat Hunting https://intel471.com/blog/threat-intelligence-the-pulsing-heart-of-behavioral-threat-hunting Thu, 07 Sep 2023 10:55:00 -0400 Haylee Hewlett
Cryptocurrency Malware: An Ever-Adapting Threat https://intel471.com/blog/cryptocurrency-malware-an-ever-adapting-threat Tue, 29 Aug 2023 21:43:00 -0400 Jeremy Kirk
Rhysida Ransomware Revealed https://intel471.com/blog/rhysida-ransomware-revealed Thu, 17 Aug 2023 08:18:47 -0400 Haylee Hewlett
Behind Enemy Lines: Unraveling the Mystery of TA505's FlawedGrace RAT https://intel471.com/blog/behind-enemy-lines-unraveling-the-mystery-of-ta505s-flawedgrace-rat Thu, 10 Aug 2023 13:15:50 -0400 Haylee Hewlett
Open Source Release of Intel 471 Intelligence Requirements Framework https://intel471.com/blog/open-source-release-of-intel-471-intelligence-requirements-framework Mon, 07 Aug 2023 00:30:00 -0400 Haylee Hewlett
Cyber Storm Unleashed: Unmasking STORM-0978's Exploitation of the CVE-2023-36884 Vulnerability https://intel471.com/blog/cyber-storm-unleashed-unmasking-storm-0978s-exploitation-of-the-cve-2023-36884-vulnerability Wed, 26 Jul 2023 13:27:46 -0400 Haylee Hewlett
Navigating the BlackLotus Threat: Unraveling the UEFI BootKit Attack https://intel471.com/blog/navigating-the-blacklotus-threat-unraveling-the-uefi-bootkit-attack Wed, 26 Jul 2023 08:46:10 -0400 Haylee Hewlett
Moving Beyond Trust: The Crucial Role of Emulation and Validation in Threat Hunting https://intel471.com/blog/moving-beyond-trust-the-crucial-role-of-emulation-and-validation-in-threat-hunting Wed, 19 Jul 2023 10:15:40 -0400 Haylee Hewlett
Vulnerability Monitoring: Reducing Third-Party Risk https://intel471.com/blog/vulnerability-monitoring-reducing-third-party-risk Tue, 18 Jul 2023 20:04:00 -0400 Jeremy Kirk
Stopping the Reuse of Credentials and Session Tokens https://intel471.com/blog/stopping-the-reuse-of-credentials-and-session-tokens Wed, 12 Jul 2023 07:00:00 -0400 Haylee Hewlett
Unmasking CL0P Ransomware: Understanding the Threat Shaking Up Global Security https://intel471.com/blog/unmasking-cl0p-ransomware-understanding-the-threat-shaking-up-global-security Fri, 07 Jul 2023 09:10:15 -0400 Haylee Hewlett
Detecting Credential Theft to Prevent Data Breaches https://intel471.com/blog/detecting-credential-theft-to-prevent-data-breaches Tue, 04 Jul 2023 17:55:00 -0400 Jeremy Kirk
The Hunt Is On: Why Threat Hunting Still Reigns Supreme Over Vulnerability Hunting https://intel471.com/blog/the-hunt-is-on-why-threat-hunting-still-reigns-supreme-over-vulnerability-hunting Thu, 29 Jun 2023 15:10:56 -0400 Haylee Hewlett
Threat Hunting: Closing the Gap in Cybersecurity Defenses https://intel471.com/blog/threat-hunting-closing-the-gap-in-cybersecurity-defenses Thu, 29 Jun 2023 12:08:08 -0400 Haylee Hewlett
Threat Hunting: Cybersecurity's Long-Overdue Wake-Up Call https://intel471.com/blog/threat-hunting-cybersecuritys-long-overdue-wake-up-call Wed, 28 Jun 2023 10:44:17 -0400 Haylee Hewlett
The Chirping Intruder: Unraveling the Mockingjay Cyber Attack and How to Stay Ahead of It https://intel471.com/blog/the-chirping-intruder-unraveling-the-mockingjay-cyber-attack-and-how-to-stay-ahead-of-it Tue, 27 Jun 2023 14:16:46 -0400 Haylee Hewlett
Revving Up Threat Hunting with Query Tuning https://intel471.com/blog/revving-up-threat-hunting-with-query-tuning Mon, 26 Jun 2023 13:29:41 -0400 Haylee Hewlett
Insights from CLOP’s MOVEit Extortion Attack https://intel471.com/blog/insights-from-clops-moveit-extortion-attack Thu, 22 Jun 2023 20:28:00 -0400 Jeremy Kirk
Using Threat Intelligence to Counter Ransomware https://intel471.com/blog/using-threat-intelligence-to-counter-ransomware Wed, 21 Jun 2023 18:54:00 -0400 Jeremy Kirk
Decoding CVE-2023-34362: Unmasking the MOVEit Transfer Vulnerability and Its Exploitation https://intel471.com/blog/decoding-cve-2023-34362-unmasking-the-moveit-transfer-vulnerability-and-its-exploitation Wed, 07 Jun 2023 11:02:09 -0400 Haylee Hewlett
How Gray Market Cryptocurrency Exchanges Fuel Cybercrime https://intel471.com/blog/how-gray-market-cryptocurrency-exchanges-fuel-cybercrime Tue, 06 Jun 2023 19:49:00 -0400 Jeremy Kirk
Unmasking RedLine Stealer: A Deep Dive into its Threat Landscape and Technical Exploitation https://intel471.com/blog/unmasking-redline-stealer-a-deep-dive-into-its-threat-landscape-and-technical-exploitation Tue, 06 Jun 2023 11:12:11 -0400 Haylee Hewlett
Nokoyawa Ransomware Uncovered: Its Evolution and Impact https://intel471.com/blog/nokoyawa-ransomware-uncovered-its-evolution-and-impact Wed, 24 May 2023 14:34:09 -0400 Haylee Hewlett
Gaining the Intelligence Advantage with Cyber HUMINT - Part Three https://intel471.com/blog/gaining-the-intelligence-advantage-with-cyber-humint-part-three Wed, 24 May 2023 00:00:00 -0400 Haylee Hewlett
The Art of
Drafting a Stellar Threat Hunting Report: A Deep Dive https://intel471.com/blog/the-art-of-drafting-a-stellar-threat-hunting-report-a-deep-dive Mon, 22 May 2023 11:44:04 -0400 Haylee Hewlett https://intel471.com/blog/the-art-of-drafting-a-stellar-threat-hunting-report-a-deep-dive Guarding the Gates: The Intricacies of Detection Engineering and Threat Hunting https://intel471.com/blog/guarding-the-gates-the-intricacies-of-detection-engineering-and-threat-hunting Fri, 19 May 2023 09:33:35 -0400 Haylee Hewlett https://intel471.com/blog/guarding-the-gates-the-intricacies-of-detection-engineering-and-threat-hunting Gaining the Intelligence Advantage with Cyber HUMINT - Part Two https://intel471.com/blog/gaining-the-intelligence-advantage-with-cyber-humint-part-two Wed, 17 May 2023 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/gaining-the-intelligence-advantage-with-cyber-humint-part-two Cactus Ransomware: A Thorny New Threat on the Horizon https://intel471.com/blog/cactus-ransomware-a-thorny-new-threat-on-the-horizon Tue, 16 May 2023 14:54:25 -0400 Haylee Hewlett https://intel471.com/blog/cactus-ransomware-a-thorny-new-threat-on-the-horizon Unleashing the Serpent: Navigating the Threat of Snake Malware https://intel471.com/blog/unleashing-the-serpent-navigating-the-threat-of-snake-malware Tue, 16 May 2023 09:22:57 -0400 Haylee Hewlett https://intel471.com/blog/unleashing-the-serpent-navigating-the-threat-of-snake-malware Gaining the Intelligence Advantage with Cyber HUMINT - Part One https://intel471.com/blog/gaining-the-intelligence-advantage-with-cyber-humint-part-one Sun, 14 May 2023 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/gaining-the-intelligence-advantage-with-cyber-humint-part-one The Power Shift: Prioritizing Behavioral Threat Hunting Over Panic Patching https://intel471.com/blog/the-power-shift-prioritizing-behavioral-threat-hunting-over-panic-patching Wed, 10 May 2023 15:32:42 -0400 Haylee Hewlett 
https://intel471.com/blog/the-power-shift-prioritizing-behavioral-threat-hunting-over-panic-patching Unlocking the Power of Threat Hunting with MITRE ATT&CK https://intel471.com/blog/unlocking-the-power-of-threat-hunting-with-mitre-attck Wed, 10 May 2023 14:42:24 -0400 Haylee Hewlett https://intel471.com/blog/unlocking-the-power-of-threat-hunting-with-mitre-attck Rapture Ransomware: A Deep Dive into the Silent Cyber Storm https://intel471.com/blog/rapture-ransomware-a-deep-dive-into-the-silent-cyber-storm Wed, 10 May 2023 09:28:10 -0400 Haylee Hewlett https://intel471.com/blog/rapture-ransomware-a-deep-dive-into-the-silent-cyber-storm Art of the Hunt: Building a Threat Hunting Hypothesis List https://intel471.com/blog/art-of-the-hunt-building-a-threat-hunting-hypothesis-list Tue, 09 May 2023 15:34:51 -0400 Haylee Hewlett https://intel471.com/blog/art-of-the-hunt-building-a-threat-hunting-hypothesis-list Deepfakes and AI: Ready for Cybercrime Prime Time? https://intel471.com/blog/deepfakes-and-ai-ready-for-cybercrime-prime-time Wed, 26 Apr 2023 05:41:00 -0400 Jeremy Kirk https://intel471.com/blog/deepfakes-and-ai-ready-for-cybercrime-prime-time Countering the Problem of Credential Theft https://intel471.com/blog/countering-the-problem-of-credential-theft Thu, 13 Apr 2023 21:08:00 -0400 Jeremy Kirk https://intel471.com/blog/countering-the-problem-of-credential-theft ROI Unlocked: Metrics & Reporting in Threat Hunting Success https://intel471.com/blog/roi-unlocked-metrics-reporting-in-threat-hunting-success Wed, 05 Apr 2023 11:16:51 -0400 Haylee Hewlett https://intel471.com/blog/roi-unlocked-metrics-reporting-in-threat-hunting-success 3CX VoIP Desktop Application Supply Chain Attack https://intel471.com/blog/3cx-voip-desktop-application-supply-chain-attack Fri, 31 Mar 2023 12:00:35 -0400 Haylee Hewlett https://intel471.com/blog/3cx-voip-desktop-application-supply-chain-attack The Demise of the Breached Cybercrime Forum 
https://intel471.com/blog/the-demise-of-the-breached-cybercrime-forum Wed, 29 Mar 2023 18:44:00 -0400 Jeremy Kirk https://intel471.com/blog/the-demise-of-the-breached-cybercrime-forum Microsoft OneNote Malware Delivery and Installation https://intel471.com/blog/microsoft-onenote-malware-delivery-and-installation Tue, 28 Mar 2023 12:05:06 -0400 Haylee Hewlett https://intel471.com/blog/microsoft-onenote-malware-delivery-and-installation New loader on the bloc - AresLoader https://intel471.com/blog/new-loader-on-the-bloc-aresloader Wed, 22 Mar 2023 17:22:00 -0400 Haylee Hewlett https://intel471.com/blog/new-loader-on-the-bloc-aresloader HyperBro RAT https://intel471.com/blog/hyperbro-rat Tue, 21 Mar 2023 10:35:56 -0400 Haylee Hewlett https://intel471.com/blog/hyperbro-rat Medusa Ransomware https://intel471.com/blog/medusa Tue, 21 Mar 2023 10:34:21 -0400 Haylee Hewlett https://intel471.com/blog/medusa No More Missed Opportunities: Maximizing Your Threat Hunting Efforts https://intel471.com/blog/no-more-missed-opportunities-maximizing-your-threat-hunting-efforts Sat, 18 Mar 2023 15:48:12 -0400 Haylee Hewlett https://intel471.com/blog/no-more-missed-opportunities-maximizing-your-threat-hunting-efforts 7 Reasons to Hold Off on HUNTER: Why It Might Not Be For You (Yet)! 
https://intel471.com/blog/7-reasons-to-hold-off-on-hunter-why-it-might-not-be-for-you-yet Fri, 17 Mar 2023 15:49:47 -0400 Haylee Hewlett https://intel471.com/blog/7-reasons-to-hold-off-on-hunter-why-it-might-not-be-for-you-yet CVE-2023-23397 Security Vulnerability https://intel471.com/blog/cve-2023-23397-security-vulnerability Fri, 17 Mar 2023 12:10:07 -0400 Haylee Hewlett https://intel471.com/blog/cve-2023-23397-security-vulnerability Detecting CVE-2023-23397: How to Identify Exploitation of the Latest Microsoft Outlook Vulnerability https://intel471.com/blog/detecting-cve-2023-23397-how-to-identify-exploitation-of-the-latest-microsoft-outlook-vulnerability Thu, 16 Mar 2023 18:58:29 -0400 Haylee Hewlett https://intel471.com/blog/detecting-cve-2023-23397-how-to-identify-exploitation-of-the-latest-microsoft-outlook-vulnerability Threat Hunting in Retail: How it Improved Security and Detection Time https://intel471.com/blog/threat-hunting-in-retail-how-it-improved-security-and-detection-time Thu, 16 Mar 2023 15:50:34 -0400 Haylee Hewlett https://intel471.com/blog/threat-hunting-in-retail-how-it-improved-security-and-detection-time A Look at NLBrute, the RDP Attack Tool https://intel471.com/blog/a-look-at-nlbrute-the-rdp-attack-tool Wed, 15 Mar 2023 18:11:00 -0400 Jeremy Kirk https://intel471.com/blog/a-look-at-nlbrute-the-rdp-attack-tool Thwarting Threats in Healthcare: The Art of Threat Hunting https://intel471.com/blog/thwarting-threats-in-healthcare-the-art-of-threat-hunting Wed, 15 Mar 2023 15:51:22 -0400 Haylee Hewlett https://intel471.com/blog/thwarting-threats-in-healthcare-the-art-of-threat-hunting Why You Need a Team of Ninja Threat Hunters to Protect Your Data https://intel471.com/blog/why-you-need-a-team-of-ninja-threat-hunters-to-protect-your-data Tue, 14 Mar 2023 16:00:08 -0400 Haylee Hewlett https://intel471.com/blog/why-you-need-a-team-of-ninja-threat-hunters-to-protect-your-data 50 Threat Hunting Hypothesis Examples 
https://intel471.com/blog/50-threat-hunting-hypothesis-examples Mon, 13 Mar 2023 16:25:02 -0400 Haylee Hewlett https://intel471.com/blog/50-threat-hunting-hypothesis-examples Unveiling the Shadow AI: The Rise of AI Reliance in Cybersecurity https://intel471.com/blog/unveiling-the-shadow-ai-the-rise-of-ai-reliance-in-cybersecurity Sun, 12 Mar 2023 15:33:13 -0400 Haylee Hewlett https://intel471.com/blog/unveiling-the-shadow-ai-the-rise-of-ai-reliance-in-cybersecurity Hunting Emotet: How Behavioural Hunting Trumps IOC Detection Every Time https://intel471.com/blog/hunting-emotet-how-behavioural-hunting-trumps-ioc-detection-every-time Sat, 11 Mar 2023 08:36:30 -0500 Haylee Hewlett https://intel471.com/blog/hunting-emotet-how-behavioural-hunting-trumps-ioc-detection-every-time Threat Hunting: The Talent Search That's More Complicated Than The Bachelor https://intel471.com/blog/threat-hunting-the-talent-search-thats-more-complicated-than-the-bachelor Fri, 10 Mar 2023 13:47:19 -0500 Haylee Hewlett https://intel471.com/blog/threat-hunting-the-talent-search-thats-more-complicated-than-the-bachelor Revealing the Power of Keylogging: Hunting for the Revealer Keylogger https://intel471.com/blog/revealing-the-power-of-keylogging-hunting-for-the-revealer-keylogger Thu, 09 Mar 2023 06:21:01 -0500 Haylee Hewlett https://intel471.com/blog/revealing-the-power-of-keylogging-hunting-for-the-revealer-keylogger A Ransomware Forecast for 2023 https://intel471.com/blog/a-ransomware-forecast-for-2023 Wed, 08 Mar 2023 19:00:00 -0500 Jeremy Kirk https://intel471.com/blog/a-ransomware-forecast-for-2023 Searching Images on Underground Forums https://intel471.com/blog/searching-images-on-underground-forums Sun, 05 Mar 2023 08:00:00 -0500 Jeremy Kirk https://intel471.com/blog/searching-images-on-underground-forums Malvertising Surges to Distribute Malware https://intel471.com/blog/malvertising-surges-to-distribute-malware Tue, 28 Feb 2023 17:30:00 -0500 Jeremy Kirk 
https://intel471.com/blog/malvertising-surges-to-distribute-malware Threat Hunting Content Platform: Supercharge Your Threat Hunting https://intel471.com/blog/threat-hunting-content-platform-supercharge-your-threat-hunting Wed, 22 Feb 2023 12:50:43 -0500 Haylee Hewlett https://intel471.com/blog/threat-hunting-content-platform-supercharge-your-threat-hunting How Offensive Action is Countering Ransomware https://intel471.com/blog/how-offensive-action-is-countering-ransomware Tue, 21 Feb 2023 18:15:00 -0500 Jeremy Kirk https://intel471.com/blog/how-offensive-action-is-countering-ransomware The Trickbot-Conti Ransomware Gang Has Been Sanctioned https://intel471.com/blog/the-trickbot-conti-ransomware-gang-has-been-sanctioned-what-does-it-mean Mon, 13 Feb 2023 13:37:00 -0500 Haylee Hewlett https://intel471.com/blog/the-trickbot-conti-ransomware-gang-has-been-sanctioned-what-does-it-mean From Security Analyst to Threat Hunter: How to Make the Leap and Track Down the Bad Guys https://intel471.com/blog/from-security-analyst-to-threat-hunter-how-to-make-the-leap-and-track-down-the-bad-guys Thu, 09 Feb 2023 11:56:31 -0500 Haylee Hewlett https://intel471.com/blog/from-security-analyst-to-threat-hunter-how-to-make-the-leap-and-track-down-the-bad-guys An Analysis of the VMware ESXi Ransomware Blitz https://intel471.com/blog/an-analysis-of-the-vmware-esxi-ransomware-blitz Wed, 08 Feb 2023 11:27:00 -0500 Haylee Hewlett https://intel471.com/blog/an-analysis-of-the-vmware-esxi-ransomware-blitz Intel 471 Attack Surface Protection - A Critical Component for Defense https://intel471.com/blog/intel-471-attack-surface-protection-a-critical-component-for-defense Tue, 07 Feb 2023 05:00:00 -0500 Haylee Hewlett https://intel471.com/blog/intel-471-attack-surface-protection-a-critical-component-for-defense Threat Hunting: The Best Defense is a Good (Proactive) Offense https://intel471.com/blog/threat-hunting-the-best-defense-is-a-good-proactive-offense Wed, 01 Feb 2023 17:03:42 -0500 Haylee 
Hewlett https://intel471.com/blog/threat-hunting-the-best-defense-is-a-good-proactive-offense Threat Hunting: The Cost-Effective Way to Protect Your Organization's Bottom Line (and Keep the Hackers at Bay) https://intel471.com/blog/threat-hunting-the-cost-effective-way-to-protect-your-organizations-bottom-line-and-keep-the-hackers-at-bay Wed, 25 Jan 2023 17:04:31 -0500 Haylee Hewlett https://intel471.com/blog/threat-hunting-the-cost-effective-way-to-protect-your-organizations-bottom-line-and-keep-the-hackers-at-bay Cyber Threats Facing the Automotive Industry https://intel471.com/blog/cyber-threats-facing-the-automotive-industry Wed, 25 Jan 2023 11:03:00 -0500 Haylee Hewlett https://intel471.com/blog/cyber-threats-facing-the-automotive-industry Will Recent Police Action Deter DDoS For-Hire Services? https://intel471.com/blog/will-recent-police-action-deter-ddos-for-hire-services Wed, 18 Jan 2023 12:44:00 -0500 Haylee Hewlett https://intel471.com/blog/will-recent-police-action-deter-ddos-for-hire-services Hunting for Threats: The Importance of the Human Touch in Cybersecurity https://intel471.com/blog/hunting-for-threats-the-importance-of-the-human-touch-in-cybersecurity Wed, 11 Jan 2023 17:14:45 -0500 Haylee Hewlett https://intel471.com/blog/hunting-for-threats-the-importance-of-the-human-touch-in-cybersecurity A Look at eSIMs and Number Hijacking https://intel471.com/blog/a-look-at-esims-and-number-hijacking Wed, 11 Jan 2023 11:45:00 -0500 Haylee Hewlett https://intel471.com/blog/a-look-at-esims-and-number-hijacking Why Behaviors Matter in Threat Hunting https://intel471.com/blog/why-behaviors-matter-in-threat-hunting Wed, 04 Jan 2023 16:02:03 -0500 Haylee Hewlett https://intel471.com/blog/why-behaviors-matter-in-threat-hunting The 80 Best Cyber Security YouTube Channels https://intel471.com/blog/the-80-best-cybersecurity-youtube-channels Wed, 14 Dec 2022 16:47:17 -0500 Haylee Hewlett https://intel471.com/blog/the-80-best-cybersecurity-youtube-channels Twitter’s 
Leaky API: Who Does it Impact, Why Does it Matter https://intel471.com/blog/twitters-leaky-api-who-does-it-impact-why-does-it-matter Wed, 14 Dec 2022 11:09:00 -0500 Haylee Hewlett https://intel471.com/blog/twitters-leaky-api-who-does-it-impact-why-does-it-matter Countering One-Time Password Bots https://intel471.com/blog/countering-one-time-password-bots Wed, 07 Dec 2022 05:00:00 -0500 Haylee Hewlett https://intel471.com/blog/countering-one-time-password-bots A Primer on Zero-Day Vulnerabilities https://intel471.com/blog/zero-day-vulnerabilities-a-primer Thu, 01 Dec 2022 05:00:00 -0500 Haylee Hewlett https://intel471.com/blog/zero-day-vulnerabilities-a-primer Threat Hunting Should Become a Standard Requirement https://intel471.com/blog/threat-hunting-should-become-a-standard-requirement Thu, 01 Dec 2022 02:00:00 -0500 Haylee Hewlett https://intel471.com/blog/threat-hunting-should-become-a-standard-requirement A Product Roadmap for Cybercrime https://intel471.com/blog/product-roadmap-for-cybercrime Wed, 23 Nov 2022 05:00:00 -0500 Joy Nemitz https://intel471.com/blog/product-roadmap-for-cybercrime A Theoretically Devastating Cyber Attack on America’s Gas Stations https://intel471.com/blog/a-theoretically-devastating-cyber-attack-on-americas-gas-stations Thu, 10 Nov 2022 08:34:04 -0500 Haylee Hewlett https://intel471.com/blog/a-theoretically-devastating-cyber-attack-on-americas-gas-stations Denial-of-Service in the Cyber Underground https://intel471.com/blog/denial-of-service-in-the-cyber-underground Wed, 09 Nov 2022 10:28:00 -0500 Haylee Hewlett https://intel471.com/blog/denial-of-service-in-the-cyber-underground Intel 471's Overview of Ransomware Activity Through Q3 2022 https://intel471.com/blog/intel-471s-overview-of-ransomware-activity-through-q3-2022 Fri, 04 Nov 2022 15:06:00 -0400 Haylee Hewlett https://intel471.com/blog/intel-471s-overview-of-ransomware-activity-through-q3-2022 Text4Shell (CVE-2022-42889) Vulnerability 
https://intel471.com/blog/text4shell-vulnerability Thu, 03 Nov 2022 09:21:46 -0400 Haylee Hewlett https://intel471.com/blog/text4shell-vulnerability The No-Nonsense Benefits of Threat Hunting https://intel471.com/blog/the-no-nonsense-benefits-of-threat-hunting Thu, 03 Nov 2022 02:00:00 -0400 Haylee Hewlett https://intel471.com/blog/the-no-nonsense-benefits-of-threat-hunting Intel 471 Acquires SpiderFoot https://intel471.com/blog/intel-471-acquires-spiderfoot Wed, 02 Nov 2022 13:00:00 -0400 Haylee Hewlett https://intel471.com/blog/intel-471-acquires-spiderfoot Russian-speaking actors offer unique perspectives on Putin's military mobilization https://intel471.com/blog/russian-speaking-actors-offer-unique-perspectives-on-putins-military-mobilization Wed, 26 Oct 2022 10:25:00 -0400 Haylee Hewlett https://intel471.com/blog/russian-speaking-actors-offer-unique-perspectives-on-putins-military-mobilization Venus Ransomware https://intel471.com/blog/venus-ransomware Thu, 20 Oct 2022 10:20:33 -0400 Haylee Hewlett https://intel471.com/blog/venus-ransomware Threat Hunting Interview Questions: The Top 10 for 2022! 
https://intel471.com/blog/top-10-threat-hunting-interview-questions-for-2022 Thu, 20 Oct 2022 04:00:00 -0400 Haylee Hewlett https://intel471.com/blog/top-10-threat-hunting-interview-questions-for-2022 Pro-Russian Hacktivism and Its Role in the War in Ukraine https://intel471.com/blog/pro-russian-hacktivism-and-its-role-in-the-war-in-ukraine Wed, 19 Oct 2022 05:00:00 -0400 Haylee Hewlett https://intel471.com/blog/pro-russian-hacktivism-and-its-role-in-the-war-in-ukraine LockBit 3.0 Builder Code Leak Points to Another Disgruntled Criminal Employee https://intel471.com/blog/lockbit-3-0-builder-code-leak-points-to-another-disgruntled-criminal-employee Wed, 12 Oct 2022 02:00:00 -0400 Haylee Hewlett https://intel471.com/blog/lockbit-3-0-builder-code-leak-points-to-another-disgruntled-criminal-employee Cyber Underground Marketplace Intelligence: A New Offering from Intel 471 to Help Anticipate Future Threats https://intel471.com/blog/cyber-underground-marketplace-intelligence-a-new-offering-from-intel-471-to-help-anticipate-future-threats Wed, 05 Oct 2022 05:00:00 -0400 Haylee Hewlett https://intel471.com/blog/cyber-underground-marketplace-intelligence-a-new-offering-from-intel-471-to-help-anticipate-future-threats Uncovering a Fake Recruiter Scam https://intel471.com/blog/uncovering-a-fake-recruiter-scam Wed, 05 Oct 2022 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/uncovering-a-fake-recruiter-scam ProxyNotShell - CVE-2022-40140 & CVE-2022-41082 https://intel471.com/blog/proxynotshell Fri, 30 Sep 2022 09:07:02 -0400 Haylee Hewlett https://intel471.com/blog/proxynotshell Authentication Token Vulnerability with Microsoft Teams https://intel471.com/blog/micrososft-teams-vulnerability-authentication-token Tue, 27 Sep 2022 11:42:02 -0400 Haylee Hewlett https://intel471.com/blog/micrososft-teams-vulnerability-authentication-token How Threat Actors Use Underground Marketplaces https://intel471.com/blog/how-threat-actors-use-underground-marketplaces Thu, 22 Sep 2022 
14:24:00 -0400 Haylee Hewlett https://intel471.com/blog/how-threat-actors-use-underground-marketplaces No Protection Against Nation-State https://intel471.com/blog/no-protection-against-nation-state Thu, 22 Sep 2022 05:00:00 -0400 Haylee Hewlett https://intel471.com/blog/no-protection-against-nation-state Emotet Malware Update and Development https://intel471.com/blog/emotet-malware-update-and-development Tue, 20 Sep 2022 10:54:31 -0400 Haylee Hewlett https://intel471.com/blog/emotet-malware-update-and-development Pro-Russian Hacktivist Groups Target Ukraine Supporters https://intel471.com/blog/pro-russian-hacktivist-groups-target-ukraine-supporters Wed, 14 Sep 2022 02:00:00 -0400 Haylee Hewlett https://intel471.com/blog/pro-russian-hacktivist-groups-target-ukraine-supporters Red Team Tools: Hunting for the Top 3 Tools https://intel471.com/blog/red-team-tools-hunting-for-the-top-3-tools Thu, 08 Sep 2022 08:58:56 -0400 Haylee Hewlett https://intel471.com/blog/red-team-tools-hunting-for-the-top-3-tools Conti vs. Monti: A Reinvention or Just a Simple Rebranding? 
https://intel471.com/blog/conti-vs-monti-a-reinvention-or-just-a-simple-rebranding Wed, 07 Sep 2022 02:00:00 -0400 Haylee Hewlett https://intel471.com/blog/conti-vs-monti-a-reinvention-or-just-a-simple-rebranding How OSINT Can Be Used to Elevate DFIR https://intel471.com/blog/how-osint-can-be-used-to-elevate-dfir Mon, 05 Sep 2022 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/how-osint-can-be-used-to-elevate-dfir Threat Hunting Program: 5 Best Practices for Success https://intel471.com/blog/threat-hunting-program-5-best-practices-for-success Thu, 01 Sep 2022 09:01:30 -0400 Haylee Hewlett https://intel471.com/blog/threat-hunting-program-5-best-practices-for-success ERMAC 2.0: Perfecting the Art of Account Takeover https://intel471.com/blog/rmac-2-0-perfecting-the-art-of-account-takeover Wed, 31 Aug 2022 05:00:00 -0400 Joy Nemitz https://intel471.com/blog/rmac-2-0-perfecting-the-art-of-account-takeover Bumblebee Loader https://intel471.com/blog/bumblebee-loader Mon, 29 Aug 2022 09:59:35 -0400 Haylee Hewlett https://intel471.com/blog/bumblebee-loader Here’s how to use Intel 471 with existing intelligence frameworks https://intel471.com/blog/how-to-use-intel-471-with-existing-intelligence-frameworks Wed, 24 Aug 2022 01:12:00 -0400 Joy Nemitz https://intel471.com/blog/how-to-use-intel-471-with-existing-intelligence-frameworks Five takeaways from Intel 471’s first Annual Threat Report https://intel471.com/blog/five-takeaways-from-intel-471s-first-annual-threat-report Wed, 24 Aug 2022 01:00:00 -0400 Greg Otto https://intel471.com/blog/five-takeaways-from-intel-471s-first-annual-threat-report Discovering the Infrastructure of an iCloud Phishing Scam https://intel471.com/blog/discovering-the-infrastructure-of-an-icloud-phishing-scam Sun, 21 Aug 2022 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/discovering-the-infrastructure-of-an-icloud-phishing-scam Red Team Tools https://intel471.com/blog/red-team-tools Sun, 07 Aug 2022 15:59:00 -0400 Haylee Hewlett 
https://intel471.com/blog/red-team-tools Using SpiderFoot for Offensive Reconnaissance: Part 2 – Validation https://intel471.com/blog/using-spiderfoot-for-offensive-reconnaissance-part-2-validation Fri, 05 Aug 2022 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/using-spiderfoot-for-offensive-reconnaissance-part-2-validation Why cybercriminals are flocking to Telegram https://intel471.com/blog/why-cybercriminals-are-flocking-to-telegram Tue, 02 Aug 2022 02:00:00 -0400 Greg Otto https://intel471.com/blog/why-cybercriminals-are-flocking-to-telegram How cybercriminals are using messaging apps to launch malware schemes https://intel471.com/blog/how-cybercriminals-are-using-messaging-apps-to-launch-malware-schemes Tue, 26 Jul 2022 02:00:00 -0400 Greg Otto https://intel471.com/blog/how-cybercriminals-are-using-messaging-apps-to-launch-malware-schemes Using cybercrime as cover: How Conti operators are lying low https://intel471.com/blog/using-cybercrime-as-cover-how-conti-operators-are-lying-low Tue, 19 Jul 2022 02:00:00 -0400 Greg Otto https://intel471.com/blog/using-cybercrime-as-cover-how-conti-operators-are-lying-low Why organizations should (and should not) worry about KillNet https://intel471.com/blog/killnet-xaknet-legion-ddos-attacks Tue, 12 Jul 2022 02:00:00 -0400 Greg Otto https://intel471.com/blog/killnet-xaknet-legion-ddos-attacks Proactive Security and Why Every Business Needs It... 
Yesterday https://intel471.com/blog/proactive-security-and-why-every-business-needs-it-yesterday Thu, 07 Jul 2022 09:39:56 -0400 Haylee Hewlett https://intel471.com/blog/proactive-security-and-why-every-business-needs-it-yesterday Using SpiderFoot for Offensive Reconnaissance: Part 1 – Discovery https://intel471.com/blog/using-spiderfoot-for-offensive-reconnaissance-part-1-discovery Wed, 29 Jun 2022 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/using-spiderfoot-for-offensive-reconnaissance-part-1-discovery The 7 common traits among highly-successful cybercriminals: Part II https://intel471.com/blog/cybercriminals-common-traits-part-2 Tue, 28 Jun 2022 02:00:00 -0400 Greg Otto https://intel471.com/blog/cybercriminals-common-traits-part-2 Qakbot https://intel471.com/blog/qakbot Tue, 21 Jun 2022 14:48:03 -0400 Haylee Hewlett https://intel471.com/blog/qakbot The 7 common traits among highly successful cybercriminals: Part I https://intel471.com/blog/cybercriminals-common-traits-part-1 Tue, 21 Jun 2022 02:00:00 -0400 Greg Otto https://intel471.com/blog/cybercriminals-common-traits-part-1 Cybercriminals preying on travel surge with a host of different scams https://intel471.com/blog/travel-fraud-cybercrime-ransomware-pii Wed, 15 Jun 2022 02:00:00 -0400 Greg Otto https://intel471.com/blog/travel-fraud-cybercrime-ransomware-pii MSPs Have Unique Advantages in Threat Hunting - Strength in Numbers https://intel471.com/blog/msps-have-unique-advantages-in-threat-hunting-strength-in-numbers Thu, 09 Jun 2022 08:53:30 -0400 Haylee Hewlett https://intel471.com/blog/msps-have-unique-advantages-in-threat-hunting-strength-in-numbers Follina Vulnerability - CVE-2022-30190 https://intel471.com/blog/follina-vulnerability-cve-2022-30190 Wed, 08 Jun 2022 06:26:32 -0400 Haylee Hewlett https://intel471.com/blog/follina-vulnerability-cve-2022-30190 How to Prevent Ransomware: 5 Common Behaviors to Hunt https://intel471.com/blog/how-to-prevent-ransomware-5-common-behaviors-to-hunt Thu, 
02 Jun 2022 09:21:24 -0400 Haylee Hewlett https://intel471.com/blog/how-to-prevent-ransomware-5-common-behaviors-to-hunt The relationship between access brokers and ransomware crews is growing https://intel471.com/blog/access-brokers-ransomware-relationship-growing Thu, 02 Jun 2022 02:00:00 -0400 Greg Otto https://intel471.com/blog/access-brokers-ransomware-relationship-growing 6 Threat Hunting Ideas You Can Use Today! https://intel471.com/blog/6-threat-hunting-ideas-you-can-use-today Thu, 26 May 2022 09:34:47 -0400 Haylee Hewlett https://intel471.com/blog/6-threat-hunting-ideas-you-can-use-today Using SpiderFoot to Investigate Phishing Domains Targeting Ukrainian Soldiers https://intel471.com/blog/using-spiderfoot-to-investigate-phishing-domains-targeting-ukrainian-soldiers Mon, 23 May 2022 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/using-spiderfoot-to-investigate-phishing-domains-targeting-ukrainian-soldiers Threat Hunting Hypothesis Examples: Five Hunts to Start Out https://intel471.com/blog/threat-hunting-hypothesis-examples-five-hunts-to-start-out Thu, 19 May 2022 09:35:27 -0400 Haylee Hewlett https://intel471.com/blog/threat-hunting-hypothesis-examples-five-hunts-to-start-out What malware to look for if you want to prevent a ransomware attack https://intel471.com/blog/malware-before-ransomware-trojan-information-stealer-cobalt-strike Thu, 12 May 2022 02:00:00 -0400 Greg Otto https://intel471.com/blog/malware-before-ransomware-trojan-information-stealer-cobalt-strike 5 Threat Hunting Tips from a Seasoned Hunt Team https://intel471.com/blog/5-threat-hunting-tips-from-a-seasoned-hunt-team Wed, 11 May 2022 12:51:02 -0400 Haylee Hewlett https://intel471.com/blog/5-threat-hunting-tips-from-a-seasoned-hunt-team BlackCat Ransomware https://intel471.com/blog/blackcat-ransomware Tue, 10 May 2022 09:25:32 -0400 Haylee Hewlett https://intel471.com/blog/blackcat-ransomware Quantum Ransomware https://intel471.com/blog/quantum-ransomware Tue, 10 May 2022 
09:18:48 -0400 Haylee Hewlett https://intel471.com/blog/quantum-ransomware Cybercrime loves company: Conti cooperated with other ransomware gangs https://intel471.com/blog/conti-ransomware-cooperation-maze-lockbit-ragnar-locker Thu, 05 May 2022 02:00:00 -0400 Greg Otto https://intel471.com/blog/conti-ransomware-cooperation-maze-lockbit-ragnar-locker Cyber Threat Hunting - What Is It, Really? https://intel471.com/blog/cyber-threat-hunting-what-is-it-really Wed, 04 May 2022 17:33:10 -0400 Haylee Hewlett https://intel471.com/blog/cyber-threat-hunting-what-is-it-really Using SpiderFoot to Investigate a Public Bug Bounty Program https://intel471.com/blog/using-spiderfoot-to-investigate-a-public-bug-bounty-program Wed, 04 May 2022 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/using-spiderfoot-to-investigate-a-public-bug-bounty-program Tarrask Malware https://intel471.com/blog/tarrask-malware Fri, 29 Apr 2022 16:48:11 -0400 Haylee Hewlett https://intel471.com/blog/tarrask-malware Conti and Emotet: A constantly destructive duo https://intel471.com/blog/conti-emotet-ransomware-conti-leaks Tue, 26 Apr 2022 02:00:00 -0400 Greg Otto https://intel471.com/blog/conti-emotet-ransomware-conti-leaks Threat Hunting Certification, Courses, and Materials: A Starting Guide https://intel471.com/blog/threat-hunting-certification-courses-and-materials-a-starting-guide Thu, 21 Apr 2022 08:44:52 -0400 Haylee Hewlett https://intel471.com/blog/threat-hunting-certification-courses-and-materials-a-starting-guide All the OSINT You Can Get From a Single Webpage Request https://intel471.com/blog/all-the-osint-you-can-get-from-a-single-webpage-request Wed, 20 Apr 2022 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/all-the-osint-you-can-get-from-a-single-webpage-request Move fast and commit crimes: Conti’s development teams mirror corporate tech https://intel471.com/blog/conti-leaks-ransomware-development Tue, 05 Apr 2022 02:00:00 -0400 Greg Otto 
https://intel471.com/blog/conti-leaks-ransomware-development Spring4Shell: CVE-2022-22965 https://intel471.com/blog/spring4shell-cve-2022-22965 Fri, 01 Apr 2022 09:56:43 -0400 Haylee Hewlett https://intel471.com/blog/spring4shell-cve-2022-22965 Source code leaks a key cog in malware development life cycle https://intel471.com/blog/malware-source-code-leak-history Tue, 29 Mar 2022 02:00:00 -0400 Greg Otto https://intel471.com/blog/malware-source-code-leak-history 5 Python Libraries for Automating OSINT Operations https://intel471.com/blog/python-libraries-for-osint-automation Thu, 24 Mar 2022 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/python-libraries-for-osint-automation Conti puts the ‘organized’ in organized crime https://intel471.com/blog/conti-leaks-cybercrime-fire-team Wed, 23 Mar 2022 02:00:00 -0400 Greg Otto https://intel471.com/blog/conti-leaks-cybercrime-fire-team Moving the Needle Forward on Threat Hunting https://intel471.com/blog/moving-the-needle-forward-on-threat-hunting Mon, 21 Mar 2022 11:32:15 -0400 Haylee Hewlett https://intel471.com/blog/moving-the-needle-forward-on-threat-hunting How HUNTER Helps Security Teams https://intel471.com/blog/how-hunter-helps-security-teams Fri, 18 Mar 2022 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/how-hunter-helps-security-teams 6 More Threat Hunting Tools Everyone in the Industry Should Be Using! https://intel471.com/blog/6-more-threat-hunting-tools-everyone-in-the-industry-should-be-using Thu, 17 Mar 2022 05:02:00 -0400 Haylee Hewlett https://intel471.com/blog/6-more-threat-hunting-tools-everyone-in-the-industry-should-be-using CONTI Ransomware https://intel471.com/blog/conti Mon, 14 Mar 2022 09:46:00 -0400 Haylee Hewlett https://intel471.com/blog/conti Cyber Threat Hunting: 4 More Videos to Make You an (Even) Better Threat Hunter! 
https://intel471.com/blog/cyber-threat-hunting-4-more-videos-to-make-you-an-even-better-threat-hunter Thu, 10 Mar 2022 09:06:00 -0500 Haylee Hewlett https://intel471.com/blog/cyber-threat-hunting-4-more-videos-to-make-you-an-even-better-threat-hunter Biometric security beginning to pique cybercriminals’ interest https://intel471.com/blog/biometric-security-threats-cybercriminal-underground Tue, 08 Mar 2022 02:00:00 -0500 Greg Otto https://intel471.com/blog/biometric-security-threats-cybercriminal-underground HermeticWiper Malware https://intel471.com/blog/hermeticwiper Thu, 24 Feb 2022 08:58:00 -0500 Haylee Hewlett https://intel471.com/blog/hermeticwiper Something strange is going on with Trickbot https://intel471.com/blog/trickbot-2022-emotet-bazar-loader Thu, 24 Feb 2022 02:00:00 -0500 Greg Otto https://intel471.com/blog/trickbot-2022-emotet-bazar-loader LockBit Ransomware https://intel471.com/blog/lockbit Fri, 18 Feb 2022 09:11:00 -0500 Haylee Hewlett https://intel471.com/blog/lockbit Proxy VBScript Execution via CurrentVersion Registry Key https://intel471.com/blog/proxy-vbscript-execution-via-currentversion-registry-key Wed, 16 Feb 2022 12:48:00 -0500 Haylee Hewlett https://intel471.com/blog/proxy-vbscript-execution-via-currentversion-registry-key BlackByte Ransomware https://intel471.com/blog/blackbyte Tue, 15 Feb 2022 09:08:00 -0500 Haylee Hewlett https://intel471.com/blog/blackbyte How the Russia-Ukraine conflict is impacting cybercrime https://intel471.com/blog/russia-ukraine-conflict-cybercrime-underground Tue, 15 Feb 2022 02:00:00 -0500 Greg Otto https://intel471.com/blog/russia-ukraine-conflict-cybercrime-underground PrivateLoader: The first step in many malware schemes https://intel471.com/blog/privateloader-malware Tue, 08 Feb 2022 02:00:00 -0500 Greg Otto https://intel471.com/blog/privateloader-malware OSINT without APIs https://intel471.com/blog/osint-without-apis Sun, 06 Feb 2022 00:00:00 -0500 Haylee Hewlett 
https://intel471.com/blog/osint-without-apis Why Mirai is still a threat to the IoT ecosystem https://intel471.com/blog/iot-cybersecurity-threats-mirai-botnet Tue, 25 Jan 2022 02:00:00 -0500 Greg Otto https://intel471.com/blog/iot-cybersecurity-threats-mirai-botnet What can we expect from the REvil arrests? https://intel471.com/blog/revil-ransomware-arrests-cybercrime-underground Mon, 24 Jan 2022 09:05:00 -0500 Greg Otto https://intel471.com/blog/revil-ransomware-arrests-cybercrime-underground WhisperGate Wiper https://intel471.com/blog/whispergate Tue, 18 Jan 2022 09:15:00 -0500 Haylee Hewlett https://intel471.com/blog/whispergate SysJoker Backdoor https://intel471.com/blog/sysjoker Thu, 13 Jan 2022 09:04:00 -0500 Haylee Hewlett https://intel471.com/blog/sysjoker Critical CVEs: Why Chasing Squirrels is Driving the Whole Industry Nuts https://intel471.com/blog/critical-cves-why-chasing-squirrels-is-driving-the-whole-industry-nuts Thu, 06 Jan 2022 09:05:00 -0500 Haylee Hewlett https://intel471.com/blog/critical-cves-why-chasing-squirrels-is-driving-the-whole-industry-nuts Here’s how the cybercriminal underground has reacted to Log4j https://intel471.com/blog/log4j-cybercrime Wed, 22 Dec 2021 09:51:00 -0500 Greg Otto https://intel471.com/blog/log4j-cybercrime Log4j: Making the Case for Structured Hunting https://intel471.com/blog/log4j-making-the-case-for-structured-hunting Thu, 16 Dec 2021 09:10:00 -0500 Haylee Hewlett https://intel471.com/blog/log4j-making-the-case-for-structured-hunting A reset on ransomware: Dominant variants differ from prior years https://intel471.com/blog/ransomware-attacks-2021-lockbit-hive-conti-clop-revil-blackmatter Wed, 15 Dec 2021 21:00:00 -0500 Greg Otto https://intel471.com/blog/ransomware-attacks-2021-lockbit-hive-conti-clop-revil-blackmatter Log4Shell: CVE-2021-44228 https://intel471.com/blog/log4shell Sun, 12 Dec 2021 09:19:00 -0500 Haylee Hewlett https://intel471.com/blog/log4shell How the new Emotet differs from previous versions 
https://intel471.com/blog/emotet-returns-december-2021 Wed, 08 Dec 2021 21:00:00 -0500 Greg Otto https://intel471.com/blog/emotet-returns-december-2021 InstallerFileTakeOver Exploit: CVE-2021-41379 https://intel471.com/blog/installerfiletakeover-exploit-cve-2021-41379 Wed, 01 Dec 2021 09:24:00 -0500 Haylee Hewlett https://intel471.com/blog/installerfiletakeover-exploit-cve-2021-41379 Trickbot Banking Trojan https://intel471.com/blog/trickbot-banking-trojan Tue, 30 Nov 2021 09:51:00 -0500 Haylee Hewlett https://intel471.com/blog/trickbot-banking-trojan An OSINT Story: It’s late Friday evening… https://intel471.com/blog/an-osint-story-its-late-friday-evening Thu, 25 Nov 2021 00:00:00 -0500 Haylee Hewlett https://intel471.com/blog/an-osint-story-its-late-friday-evening Windows Discovery and Execution Processes - Excessive Use https://intel471.com/blog/windows-discovery-and-execution-processes-excessive-use Thu, 18 Nov 2021 13:16:00 -0500 Haylee Hewlett https://intel471.com/blog/windows-discovery-and-execution-processes-excessive-use Emotet Malware https://intel471.com/blog/emotet Wed, 17 Nov 2021 09:28:00 -0500 Haylee Hewlett https://intel471.com/blog/emotet Maldoc Execution Chain https://intel471.com/blog/maldoc-execution-chain Tue, 16 Nov 2021 13:20:00 -0500 Haylee Hewlett https://intel471.com/blog/maldoc-execution-chain Emotet is back. Here's what we know. 
https://intel471.com/blog/emotet-is-back-2021 Tue, 16 Nov 2021 08:16:00 -0500 Greg Otto https://intel471.com/blog/emotet-is-back-2021 How cryptomixers allow cybercriminals to clean their ransoms https://intel471.com/blog/cryptomixers-ransomware Mon, 15 Nov 2021 21:00:00 -0500 Greg Otto https://intel471.com/blog/cryptomixers-ransomware DeadRinger Operation https://intel471.com/blog/deadringer-operation Mon, 15 Nov 2021 09:32:00 -0500 Haylee Hewlett https://intel471.com/blog/deadringer-operation Macaw Ransomware https://intel471.com/blog/macaw-ransomware Tue, 02 Nov 2021 10:53:00 -0400 Haylee Hewlett https://intel471.com/blog/macaw-ransomware Cybercrime underground flush with shipping companies’ credentials https://intel471.com/blog/shipping-companies-ransomware-credentials Mon, 01 Nov 2021 22:00:00 -0400 Greg Otto https://intel471.com/blog/shipping-companies-ransomware-credentials Top 5 OSINT Sources for Attack Surface Management https://intel471.com/blog/top-5-osint-sources-for-attack-surface-management Mon, 25 Oct 2021 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/top-5-osint-sources-for-attack-surface-management Top 5 OSINT Sources for People Investigations https://intel471.com/blog/top-5-osint-sources-for-people-investigations Sun, 24 Oct 2021 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/top-5-osint-sources-for-people-investigations Cybercriminals cash in on black market vaccine schemes https://intel471.com/blog/fake-covid-vaccination-cards-cybercrime Tue, 19 Oct 2021 20:00:00 -0400 Greg Otto https://intel471.com/blog/fake-covid-vaccination-cards-cybercrime Top 5 OSINT Sources for Threat Intelligence https://intel471.com/blog/top-5-osint-sources-for-threat-intelligence Thu, 07 Oct 2021 00:00:00 -0400 Hayden Cleek https://intel471.com/blog/top-5-osint-sources-for-threat-intelligence The public sector is a juicy target for cybercriminals https://intel471.com/blog/public-sector-cybersecurity-threats-2021 Thu, 30 Sep 2021 09:00:00 -0400 Greg 
Otto https://intel471.com/blog/public-sector-cybersecurity-threats-2021 Cybercriminals going after one-time passwords with Telegram-powered bots https://intel471.com/blog/otp-password-bots-telegram Wed, 29 Sep 2021 05:00:00 -0400 Greg Otto https://intel471.com/blog/otp-password-bots-telegram Manufacturers should focus on protecting their supply chains https://intel471.com/blog/manufacturing-cybersecurity-threats-supply-chain Wed, 22 Sep 2021 09:00:00 -0400 Greg Otto https://intel471.com/blog/manufacturing-cybersecurity-threats-supply-chain Top 5 OSINT Sources for Penetration Testing and Bug Bounties https://intel471.com/blog/top-5-osint-sources-for-penetration-testing-and-bug-bounties Sat, 11 Sep 2021 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/top-5-osint-sources-for-penetration-testing-and-bug-bounties njRAT Remote Access Trojan https://intel471.com/blog/njrat Fri, 10 Sep 2021 09:28:00 -0400 Haylee Hewlett https://intel471.com/blog/njrat The Threat Hunting Conundrum: Challenges Security Teams Face https://intel471.com/blog/the-threat-hunting-conundrum-challenges-security-teams-face Thu, 09 Sep 2021 09:45:03 -0400 Haylee Hewlett https://intel471.com/blog/the-threat-hunting-conundrum-challenges-security-teams-face How Groove Gang is shaking up the Ransomware-as-a-Service Market to Empower Affiliates https://intel471.com/blog/groove-gang-ransomware-babuk-revil-blackmatter Thu, 09 Sep 2021 00:01:00 -0400 Greg Otto https://intel471.com/blog/groove-gang-ransomware-babuk-revil-blackmatter Expectation vs Reality: Debunking 5 (More) Myths About Threat Hunting https://intel471.com/blog/expectation-vs-reality-debunking-5-more-threat-hunters Thu, 02 Sep 2021 09:28:17 -0400 Haylee Hewlett https://intel471.com/blog/expectation-vs-reality-debunking-5-more-threat-hunters Outsourcing manipulation: How BEC scammers use the cybercrime underground https://intel471.com/blog/bec-cybercrime-underground Wed, 01 Sep 2021 05:00:00 -0400 Greg Otto 
https://intel471.com/blog/bec-cybercrime-underground From a Global Man Hunt to a Cyber Threat Hunt https://intel471.com/blog/from-a-global-man-hunt-to-a-cyber-threat-hunt Thu, 26 Aug 2021 09:29:40 -0400 Haylee Hewlett https://intel471.com/blog/from-a-global-man-hunt-to-a-cyber-threat-hunt Attack Surface Management: You’re probably doing it wrong https://intel471.com/blog/attack-surface-management-youre-probably-doing-it-wrong Thu, 26 Aug 2021 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/attack-surface-management-youre-probably-doing-it-wrong Here’s how to guard your enterprise against ShinyHunters https://intel471.com/blog/shinyhunters-data-breach-mitre-attack Mon, 23 Aug 2021 09:00:00 -0400 Greg Otto https://intel471.com/blog/shinyhunters-data-breach-mitre-attack Logs & You: Explaining Threat Hunting to Non-Threat Hunters https://intel471.com/blog/logs-you-create-and-why-they-matter Thu, 19 Aug 2021 09:25:53 -0400 Haylee Hewlett https://intel471.com/blog/logs-you-create-and-why-they-matter Here’s how information stealers pose a threat beyond ransomware https://intel471.com/blog/information-stealer-ransomware-account-takeover Wed, 18 Aug 2021 05:00:00 -0400 Greg Otto https://intel471.com/blog/information-stealer-ransomware-account-takeover Lock 'N' Load: A New LockBit Campaign https://intel471.com/blog/lock-n-load-a-new-lockbit-campaign Thu, 12 Aug 2021 09:32:15 -0400 Haylee Hewlett https://intel471.com/blog/lock-n-load-a-new-lockbit-campaign Three ways ransomware-as-a-service has become easier than ever to launch https://intel471.com/blog/ransomware-as-a-service-fivehands-printnightmare-babuk-conti Wed, 28 Jul 2021 05:00:00 -0400 Greg Otto https://intel471.com/blog/ransomware-as-a-service-fivehands-printnightmare-babuk-conti Cyber Threat Hunting: 3 MORE Videos to Help You Become an Expert https://intel471.com/blog/cyber-threat-hunting-3-more-videos-to-help-you-become-an-expert Thu, 22 Jul 2021 09:28:20 -0400 Haylee Hewlett 
https://intel471.com/blog/cyber-threat-hunting-3-more-videos-to-help-you-become-an-expert Meteor Wiper https://intel471.com/blog/meteor-wiper Fri, 16 Jul 2021 11:59:00 -0400 Haylee Hewlett https://intel471.com/blog/meteor-wiper Threat Content Platforms: Why We Need Them More Than Ever Before https://intel471.com/blog/threat-content-platforms-why-we-need-them-more-than-ever-before-or-ttps-not-iocs Thu, 15 Jul 2021 09:28:34 -0400 Haylee Hewlett https://intel471.com/blog/threat-content-platforms-why-we-need-them-more-than-ever-before-or-ttps-not-iocs How cybercriminals create turbulence for the transportation industry https://intel471.com/blog/how-cybercriminals-create-turbulence-for-the-transportation-industry Wed, 14 Jul 2021 05:00:00 -0400 Greg Otto https://intel471.com/blog/how-cybercriminals-create-turbulence-for-the-transportation-industry Proactive Threat Hunting Shouldn’t Just be a Buzzword https://intel471.com/blog/proactive-threat-hunting-shouldnt-just-be-a-buzzword Thu, 08 Jul 2021 08:05:20 -0400 Haylee Hewlett https://intel471.com/blog/proactive-threat-hunting-shouldnt-just-be-a-buzzword Sibot Malware https://intel471.com/blog/sibot-malware Thu, 24 Jun 2021 12:05:00 -0400 Haylee Hewlett https://intel471.com/blog/sibot-malware TEARDROP Dropper Malware https://intel471.com/blog/teardrop Wed, 23 Jun 2021 09:41:00 -0400 Haylee Hewlett https://intel471.com/blog/teardrop Cybercriminals shop around for schemes targeting retail https://intel471.com/blog/retail-cybercrime-threats-2021 Wed, 23 Jun 2021 05:00:00 -0400 Greg Otto https://intel471.com/blog/retail-cybercrime-threats-2021 Attempted VBScript Stored in Non-Run CurrentVersion Registry Key Value https://intel471.com/blog/attempted-vbscript-stored-in-non-run-currentversion-registry-key-value Tue, 22 Jun 2021 14:48:00 -0400 Haylee Hewlett https://intel471.com/blog/attempted-vbscript-stored-in-non-run-currentversion-registry-key-value The blurry boundaries between nation-state actors and the cybercrime 
underground https://intel471.com/blog/the-blurry-boundaries-between-nation-state-actors-and-the-cybercrime-underground Tue, 08 Jun 2021 05:00:00 -0400 Greg Otto https://intel471.com/blog/the-blurry-boundaries-between-nation-state-actors-and-the-cybercrime-underground How SOAR plus threat intelligence empowers security operations teams https://intel471.com/blog/how-soar-plus-threat-intelligence-empowers-security-operations-teams Tue, 08 Jun 2021 05:00:00 -0400 Greg Otto https://intel471.com/blog/how-soar-plus-threat-intelligence-empowers-security-operations-teams How much data do you leak online unintentionally? https://intel471.com/blog/how-much-data-do-you-leak-online-unintentionally Sun, 06 Jun 2021 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/how-much-data-do-you-leak-online-unintentionally Alleged REvil member says gang has no fear over U.S. government’s major ransomware focus https://intel471.com/blog/alleged-revil-member-says-gang-has-no-fear-over-u-s-governments-major-ransomware-focus Fri, 04 Jun 2021 14:52:00 -0400 Greg Otto https://intel471.com/blog/alleged-revil-member-says-gang-has-no-fear-over-u-s-governments-major-ransomware-focus BoomBox Downloader https://intel471.com/blog/boombox-downloader Fri, 04 Jun 2021 12:42:00 -0400 Haylee Hewlett https://intel471.com/blog/boombox-downloader Threat Hunt Deep Dives: User Account Control Bypass Via Registry Modification https://intel471.com/blog/threat-hunt-deep-dives-user-account-control-bypass-via-registry-modification Thu, 03 Jun 2021 09:35:01 -0400 Haylee Hewlett https://intel471.com/blog/threat-hunt-deep-dives-user-account-control-bypass-via-registry-modification Call for crimes? 
Russian-language forum runs contest for cryptocurrency hacks https://intel471.com/blog/call-for-crimes-russian-language-forum-runs-contest-for-cryptocurrency-hacks Wed, 02 Jun 2021 05:00:00 -0400 Greg Otto https://intel471.com/blog/call-for-crimes-russian-language-forum-runs-contest-for-cryptocurrency-hacks The Easiest Way to (Hack|Protect) an Organization in 2021: Knowing the Attack Surface https://intel471.com/blog/the-easiest-way-to-hack-protect-an-organization-in-2021-knowing-the-attack-surface Tue, 01 Jun 2021 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/the-easiest-way-to-hack-protect-an-organization-in-2021-knowing-the-attack-surface Suspicious rundll32 Execution https://intel471.com/blog/suspicious-rundll32-execution Mon, 31 May 2021 14:39:00 -0400 Haylee Hewlett https://intel471.com/blog/suspicious-rundll32-execution EnvyScout Dropper https://intel471.com/blog/envyscout-dropper Sat, 29 May 2021 12:21:00 -0400 Haylee Hewlett https://intel471.com/blog/envyscout-dropper We Need a New National Cyber Security Strategy https://intel471.com/blog/executive-order-we-need-a-new-national-cyber-security-strategy Tue, 25 May 2021 09:00:10 -0400 Haylee Hewlett https://intel471.com/blog/executive-order-we-need-a-new-national-cyber-security-strategy Look how many cybercriminals love Cobalt Strike https://intel471.com/blog/cobalt-strike-cybercriminals-trickbot-qbot-hancitor Wed, 19 May 2021 05:00:00 -0400 Greg Otto https://intel471.com/blog/cobalt-strike-cybercriminals-trickbot-qbot-hancitor Cybercriminals have so many schemes aimed at your credentials https://intel471.com/blog/credential-theft-cybercrime Mon, 17 May 2021 03:00:00 -0400 Greg Otto https://intel471.com/blog/credential-theft-cybercrime The moral underground? 
Ransomware operators retreat after Colonial Pipeline hack https://intel471.com/blog/darkside-ransomware-shut-down-revil-avaddon-cybercrime Fri, 14 May 2021 10:21:00 -0400 Greg Otto https://intel471.com/blog/darkside-ransomware-shut-down-revil-avaddon-cybercrime Here’s what we know about DarkSide ransomware https://intel471.com/blog/darkside-ransomware-colonial-pipeline-attack Mon, 10 May 2021 18:52:00 -0400 Greg Otto https://intel471.com/blog/darkside-ransomware-colonial-pipeline-attack Ransomware: Hunting for Inhibiting System Backup or Recovery https://intel471.com/blog/hunting-ransomware-inhibiting-system-backup-or-recovery Thu, 06 May 2021 09:47:43 -0400 Haylee Hewlett https://intel471.com/blog/hunting-ransomware-inhibiting-system-backup-or-recovery 4 Ways Threat Hunting Helps Non-Traditional ROI https://intel471.com/blog/4-ways-threat-hunting-helps-non-traditional-roi Thu, 29 Apr 2021 10:00:06 -0400 Haylee Hewlett https://intel471.com/blog/4-ways-threat-hunting-helps-non-traditional-roi The cybercriminal underground hasn’t forgotten about financial services https://intel471.com/blog/financial-cybercrime-2021-jackpotting-atm-malware Mon, 26 Apr 2021 08:00:00 -0400 Haylee Hewlett https://intel471.com/blog/financial-cybercrime-2021-jackpotting-atm-malware Healthcare & Ransomware: A Different Type of Pandemic https://intel471.com/blog/healthcare-ransomware-a-different-type-of-pandemic Tue, 20 Apr 2021 09:20:43 -0400 Haylee Hewlett https://intel471.com/blog/healthcare-ransomware-a-different-type-of-pandemic How China’s cybercrime underground is making money off big data https://intel471.com/blog/china-cybercrime-big-data-privacy-laws Mon, 19 Apr 2021 13:09:00 -0400 Haylee Hewlett https://intel471.com/blog/china-cybercrime-big-data-privacy-laws Sodinokibi https://intel471.com/blog/sodinokibi Fri, 16 Apr 2021 11:19:00 -0400 Haylee Hewlett https://intel471.com/blog/sodinokibi Threat Content: Building a Better Mousetrap 
https://intel471.com/blog/threat-content-building-a-better-mousetrap Thu, 15 Apr 2021 09:30:16 -0400 Haylee Hewlett https://intel471.com/blog/threat-content-building-a-better-mousetrap Blackmatter https://intel471.com/blog/blackmatter Wed, 14 Apr 2021 11:43:00 -0400 Haylee Hewlett https://intel471.com/blog/blackmatter Meterpreter Payload https://intel471.com/blog/meterpreter-payload Fri, 09 Apr 2021 12:45:00 -0400 Haylee Hewlett https://intel471.com/blog/meterpreter-payload How to Threat Hunt: A Beginner's Guide https://intel471.com/blog/how-to-threat-hunt-a-beginners-guide Thu, 08 Apr 2021 09:58:57 -0400 Haylee Hewlett https://intel471.com/blog/how-to-threat-hunt-a-beginners-guide Cobalt Strike https://intel471.com/blog/cobalt-strike Wed, 07 Apr 2021 11:42:00 -0400 Haylee Hewlett https://intel471.com/blog/cobalt-strike EtterSilent: the underground’s new favorite maldoc builder https://intel471.com/blog/ettersilent-maldoc-builder-macro-trickbot-qbot Tue, 06 Apr 2021 22:58:00 -0400 Haylee Hewlett https://intel471.com/blog/ettersilent-maldoc-builder-macro-trickbot-qbot Ryuk Ransomware https://intel471.com/blog/ryuk-ransomware Fri, 02 Apr 2021 11:50:00 -0400 Haylee Hewlett https://intel471.com/blog/ryuk-ransomware Threat Detection: 4 Little Changes That'll Make a Big Difference https://intel471.com/blog/threat-detection-4-little-changes-thatll-make-a-big-difference Thu, 01 Apr 2021 08:00:30 -0400 Haylee Hewlett https://intel471.com/blog/threat-detection-4-little-changes-thatll-make-a-big-difference Pysa Ransomware https://intel471.com/blog/pysa-ransomware Wed, 24 Mar 2021 12:47:00 -0400 Haylee Hewlett https://intel471.com/blog/pysa-ransomware Cybercriminals still leveraging COVID-19 pandemic for scams https://intel471.com/blog/covid-19-vaccine-scam-cybercrime-unemployment Tue, 23 Mar 2021 14:00:00 -0400 Haylee Hewlett https://intel471.com/blog/covid-19-vaccine-scam-cybercrime-unemployment Living off the Land (LotL) - RDP Hijacking 
https://intel471.com/blog/living-off-the-land-lotl-rdp-hijacking Tue, 23 Mar 2021 08:15:32 -0400 Haylee Hewlett https://intel471.com/blog/living-off-the-land-lotl-rdp-hijacking A Threat Hunting Loop for Structured Hunting https://intel471.com/blog/a-threat-hunting-loop-for-structured-hunting Tue, 16 Mar 2021 10:42:31 -0400 Haylee Hewlett https://intel471.com/blog/a-threat-hunting-loop-for-structured-hunting You Don't Know the HAFNIUM of it... https://intel471.com/blog/you-dont-know-the-hafnium-of-it Thu, 11 Mar 2021 12:51:25 -0500 Haylee Hewlett https://intel471.com/blog/you-dont-know-the-hafnium-of-it Living off the Land (LotL) - Downloading Files on Microsoft Windows https://intel471.com/blog/living-off-the-land-downloading-files-on-microsoft-windows Tue, 09 Mar 2021 10:08:09 -0500 Haylee Hewlett https://intel471.com/blog/living-off-the-land-downloading-files-on-microsoft-windows Friendly fire: Four well-known cybercriminal forums dealing with breaches https://intel471.com/blog/mazafaka-hacked-cybercrime-forums-exploit-crdclub-verified Thu, 04 Mar 2021 03:00:00 -0500 Haylee Hewlett https://intel471.com/blog/mazafaka-hacked-cybercrime-forums-exploit-crdclub-verified Here’s who is powering the bulletproof hosting market https://intel471.com/blog/top-bulletproof-hosting-providers-yalishanda-ccweb-brazzzers-2021 Wed, 03 Mar 2021 14:00:00 -0500 Haylee Hewlett https://intel471.com/blog/top-bulletproof-hosting-providers-yalishanda-ccweb-brazzzers-2021 Threat Hunting Maturity Model: A New Approach for Structured Hunting https://intel471.com/blog/threat-hunting-maturity-model-a-new-approach-for-structured-hunting Wed, 03 Mar 2021 11:48:44 -0500 Haylee Hewlett https://intel471.com/blog/threat-hunting-maturity-model-a-new-approach-for-structured-hunting Bulletproof hosting: How cybercrime stays resilient https://intel471.com/blog/bulletproof-hosting-yalishanda-ransomware-banking-trojans-information-stealers Tue, 23 Feb 2021 14:00:00 -0500 Haylee Hewlett 
https://intel471.com/blog/bulletproof-hosting-yalishanda-ransomware-banking-trojans-information-stealers XDR is the Rorschach Test of Cyber Security https://intel471.com/blog/xdr-is-the-rorschach-test-of-cyber-security Tue, 23 Feb 2021 10:17:59 -0500 Haylee Hewlett https://intel471.com/blog/xdr-is-the-rorschach-test-of-cyber-security Social Engineering: It’s Not as Difficult as You Think! https://intel471.com/blog/social-engineering-its-not-as-difficult-as-you-think Fri, 19 Feb 2021 10:18:15 -0500 Haylee Hewlett https://intel471.com/blog/social-engineering-its-not-as-difficult-as-you-think Egregor operation takes huge hit after police raids https://intel471.com/blog/egregor-arrests-ukraine-sbu-maze-ransomware Wed, 17 Feb 2021 14:00:00 -0500 Haylee Hewlett https://intel471.com/blog/egregor-arrests-ukraine-sbu-maze-ransomware Threat Hunting Can Be Fully Automated! - A Productive Rant https://intel471.com/blog/threat_hunting_can_be_fully_automated Tue, 16 Feb 2021 08:51:48 -0500 Haylee Hewlett https://intel471.com/blog/threat_hunting_can_be_fully_automated Hiding in plain sight: Bulletproof Hosting’s dueling forms https://intel471.com/blog/bulletproof-hosting-fast-flux-dns-double-flux-vps Mon, 15 Feb 2021 14:00:00 -0500 Haylee Hewlett https://intel471.com/blog/bulletproof-hosting-fast-flux-dns-double-flux-vps Cybercriminals are interested in your SCADA systems https://intel471.com/blog/scada-oldsmar-florida-water-treatment-plant-hack Fri, 12 Feb 2021 14:00:00 -0500 Haylee Hewlett https://intel471.com/blog/scada-oldsmar-florida-water-treatment-plant-hack The Best Threat Intelligence Tools for the Command Line https://intel471.com/blog/the-best-threat-intelligence-tools-for-the-command-line Tue, 09 Feb 2021 12:42:26 -0500 Haylee Hewlett https://intel471.com/blog/the-best-threat-intelligence-tools-for-the-command-line Cyber Threat Hunting: Become an Expert with These 4 Videos! 
https://intel471.com/blog/cyber-threat-hunting-become-an-expert-with-these-4-videos Tue, 02 Feb 2021 09:25:55 -0500 Haylee Hewlett https://intel471.com/blog/cyber-threat-hunting-become-an-expert-with-these-4-videos Emotet takedown is not like the Trickbot takedown https://intel471.com/blog/emotet-takedown-2021 Wed, 27 Jan 2021 14:00:00 -0500 Haylee Hewlett https://intel471.com/blog/emotet-takedown-2021 Threat Detection and Why You Should Spend More Time Thinking About It https://intel471.com/blog/threat-detection-and-why-you-should-spend-more-time-thinking-about-it Tue, 26 Jan 2021 09:29:01 -0500 Haylee Hewlett https://intel471.com/blog/threat-detection-and-why-you-should-spend-more-time-thinking-about-it Threat Hunt Deep Dives: Apache Struts RCE (CVE-2020-17530) https://intel471.com/blog/threat-hunt-deep-dives-apache-struts-rce-cve-2020-17530 Thu, 21 Jan 2021 09:37:14 -0500 Haylee Hewlett https://intel471.com/blog/threat-hunt-deep-dives-apache-struts-rce-cve-2020-17530 7 Threat Hunting Tools Everyone in the Industry Should Be Using https://intel471.com/blog/7-threat-hunting-tools-everyone-in-the-industry-should-be-using Wed, 20 Jan 2021 09:18:36 -0500 Haylee Hewlett https://intel471.com/blog/7-threat-hunting-tools-everyone-in-the-industry-should-be-using Nation-states are taking their supply-chain attack strategy from the cybercriminal underground https://intel471.com/blog/solarwinds-supply-chain-attack-iran-russia-north-korea Fri, 15 Jan 2021 14:00:00 -0500 Haylee Hewlett https://intel471.com/blog/solarwinds-supply-chain-attack-iran-russia-north-korea Last Dash for Joker’s Stash: Carding forum may close in 30 days https://intel471.com/blog/jokers-stash-closed-february-2021 Fri, 15 Jan 2021 14:00:00 -0500 Haylee Hewlett https://intel471.com/blog/jokers-stash-closed-february-2021 Cyborg Security Releases Free SUNBURST Community Defense Measures https://intel471.com/blog/sunburst-community-defense-measures Tue, 12 Jan 2021 11:00:54 -0500 Haylee Hewlett 
https://intel471.com/blog/sunburst-community-defense-measures Hunting for Persistence: Registry Run Keys / Startup Folder https://intel471.com/blog/hunting-for-persistence-registry-run-keys-startup-folder Thu, 07 Jan 2021 09:51:48 -0500 Haylee Hewlett https://intel471.com/blog/hunting-for-persistence-registry-run-keys-startup-folder Threat Hunting Tactics & Techniques https://intel471.com/blog/threat-hunting-tactics-techniques Tue, 05 Jan 2021 07:00:52 -0500 Haylee Hewlett https://intel471.com/blog/threat-hunting-tactics-techniques TA505’s modified loader means new attack campaign could be coming https://intel471.com/blog/ta505-get2-loader-malware-december-2020 Fri, 18 Dec 2020 14:00:00 -0500 Haylee Hewlett https://intel471.com/blog/ta505-get2-loader-malware-december-2020 More annoying than crippling: Joker’s Stash takedown is temporary https://intel471.com/blog/jokers-stash-fbi-interpol-dns-takedown-temporary Thu, 17 Dec 2020 14:00:00 -0500 Haylee Hewlett https://intel471.com/blog/jokers-stash-fbi-interpol-dns-takedown-temporary SUNBURST: SolarWinds' Supply-Chain Attack https://intel471.com/blog/sunburst-solarwinds-supply-chain-attack Wed, 16 Dec 2020 10:56:00 -0500 Haylee Hewlett https://intel471.com/blog/sunburst-solarwinds-supply-chain-attack Threat Hunt Deep Dives: SolarWinds' Supply-Chain Compromise (Solorigate / SUNBURST Backdoor) https://intel471.com/blog/threat-hunt-deep-dives-solarwinds-supply-chain-compromise-solorigate-sunburst-backdoor Tue, 15 Dec 2020 11:46:06 -0500 Haylee Hewlett https://intel471.com/blog/threat-hunt-deep-dives-solarwinds-supply-chain-compromise-solorigate-sunburst-backdoor No pandas, just people: The current state of China’s cybercrime underground https://intel471.com/blog/china-cybercrime-undergrond-deepmix-tea-horse-road-great-firewall Thu, 10 Dec 2020 14:00:00 -0500 Haylee Hewlett https://intel471.com/blog/china-cybercrime-undergrond-deepmix-tea-horse-road-great-firewall Threat Hunt Deep Dives: Application Shimming 
https://intel471.com/blog/threat-hunt-deep-dives-application-shimming Thu, 10 Dec 2020 12:46:13 -0500 Haylee Hewlett https://intel471.com/blog/threat-hunt-deep-dives-application-shimming Hunting a Phish https://intel471.com/blog/hunting-a-phish Wed, 09 Dec 2020 14:26:11 -0500 Haylee Hewlett https://intel471.com/blog/hunting-a-phish Steal, then strike: Access merchants are first clues to future ransomware attacks https://intel471.com/blog/ransomware-attack-access-merchants-infostealer-escrow-service Tue, 01 Dec 2020 14:00:00 -0500 Haylee Hewlett https://intel471.com/blog/ransomware-attack-access-merchants-infostealer-escrow-service Top 3 Easiest Threat Hunts https://intel471.com/blog/top-3-easiest-threat-hunt Tue, 01 Dec 2020 13:15:13 -0500 Haylee Hewlett https://intel471.com/blog/top-3-easiest-threat-hunt Black Hat Webcast Series | Practical Threat Hunting https://intel471.com/blog/black-hat-webcast-series-practical-threat-hunting-2 Mon, 30 Nov 2020 10:45:00 -0500 Haylee Hewlett https://intel471.com/blog/black-hat-webcast-series-practical-threat-hunting-2 Here’s what happens after a business gets hit with ransomware https://intel471.com/blog/how-to-recover-from-a-ransomware-attack Mon, 23 Nov 2020 14:00:00 -0500 Haylee Hewlett https://intel471.com/blog/how-to-recover-from-a-ransomware-attack Threat Hunt Deep Dives: The Return of the WIZard https://intel471.com/blog/threat-hunt-deep-dives-episode-1 Fri, 20 Nov 2020 11:25:55 -0500 Haylee Hewlett https://intel471.com/blog/threat-hunt-deep-dives-episode-1 3 Threat Hunting Myths You Shouldn't Believe https://intel471.com/blog/3-threat-hunting-myths-you-shouldnt-believe Tue, 17 Nov 2020 13:25:12 -0500 Haylee Hewlett https://intel471.com/blog/3-threat-hunting-myths-you-shouldnt-believe Ransomware-as-a-service: The pandemic within a pandemic https://intel471.com/blog/ransomware-as-a-service-2020-ryuk-maze-revil-egregor-doppelpaymer Mon, 16 Nov 2020 14:00:00 -0500 Haylee Hewlett 
https://intel471.com/blog/ransomware-as-a-service-2020-ryuk-maze-revil-egregor-doppelpaymer Detection Content - The Trouble with Free https://intel471.com/blog/detection-content-the-trouble-with-free Thu, 12 Nov 2020 12:06:40 -0500 Haylee Hewlett https://intel471.com/blog/detection-content-the-trouble-with-free Trickbot down, but is it out? https://intel471.com/blog/trickbot-update-november-2020-bazar-loader-microsoft Tue, 10 Nov 2020 14:00:00 -0500 Haylee Hewlett https://intel471.com/blog/trickbot-update-november-2020-bazar-loader-microsoft After the Hunt: How to Follow Up on Cyber Threat Hunting Findings https://intel471.com/blog/after-the-hunt-how-to-follow-up-on-cyber-threat-hunt-findings Thu, 05 Nov 2020 00:00:00 -0500 Johnny Morse https://intel471.com/blog/after-the-hunt-how-to-follow-up-on-cyber-threat-hunt-findings Alleged REvil member spills details on group’s ransomware operations https://intel471.com/blog/revil-ransomware-interview-russian-osint-100-million Wed, 28 Oct 2020 14:00:00 -0400 Haylee Hewlett https://intel471.com/blog/revil-ransomware-interview-russian-osint-100-million Cyborg Security 2020 CTF Solutions https://intel471.com/blog/cyborg-security-2020-ctf-solutions Wed, 28 Oct 2020 10:00:56 -0400 Haylee Hewlett https://intel471.com/blog/cyborg-security-2020-ctf-solutions What is Structured Threat Hunting? 
https://intel471.com/blog/what-is-structured-threat-hunting Tue, 27 Oct 2020 09:20:50 -0400 Haylee Hewlett https://intel471.com/blog/what-is-structured-threat-hunting Leveraging Intel 471’s Malware Intelligence Data using MISP https://intel471.com/blog/intel-471-misp-malware-intelligence-data Tue, 20 Oct 2020 14:00:00 -0400 Haylee Hewlett https://intel471.com/blog/intel-471-misp-malware-intelligence-data Global Trickbot disruption operation shows promise https://intel471.com/blog/global-trickbot-disruption-operation-shows-promise Tue, 20 Oct 2020 14:00:00 -0400 Haylee Hewlett https://intel471.com/blog/global-trickbot-disruption-operation-shows-promise That was quick: Trickbot is back after disruption attempts https://intel471.com/blog/trickbot-online-emotet-microsoft-cyber-command-disruption-attempts Thu, 15 Oct 2020 14:00:00 -0400 Haylee Hewlett https://intel471.com/blog/trickbot-online-emotet-microsoft-cyber-command-disruption-attempts Recent Trickbot disruption operation likely to have only short-term impact https://intel471.com/blog/trickbot-disruption-microsoft-short-term-impact Tue, 13 Oct 2020 14:00:00 -0400 Haylee Hewlett https://intel471.com/blog/trickbot-disruption-microsoft-short-term-impact Criminals posing as Lazarus Group threatened Travelex: Bitcoin or DDoS https://intel471.com/blog/travelex-ddos-attack-lazarus-group-ransom Tue, 13 Oct 2020 14:00:00 -0400 Haylee Hewlett https://intel471.com/blog/travelex-ddos-attack-lazarus-group-ransom Detection Validation: Going Atomic on False Negatives https://intel471.com/blog/1125 Tue, 13 Oct 2020 12:36:42 -0400 Haylee Hewlett https://intel471.com/blog/1125 Cyborg Security Introduces New Platform for Threat Hunting https://intel471.com/blog/press-release-cyborg-security-introduces-new-platform-for-threat-hunting Tue, 13 Oct 2020 10:15:36 -0400 Haylee Hewlett https://intel471.com/blog/press-release-cyborg-security-introduces-new-platform-for-threat-hunting OSINT for Attack Surface Monitoring 
https://intel471.com/blog/osint-for-attack-surface-monitoring Mon, 12 Oct 2020 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/osint-for-attack-surface-monitoring Cyborg Security + Elastic Deliver Advanced Threat Hunting Content https://intel471.com/blog/cyborg-security-elastic-deliver-advanced-threat-hunting-content Thu, 08 Oct 2020 00:00:00 -0400 Johnny Morse https://intel471.com/blog/cyborg-security-elastic-deliver-advanced-threat-hunting-content You Can Only Hunt What You Can See: Best Endpoint Log Sources for Threat Hunting https://intel471.com/blog/you-can-only-hunt-what-you-can-see-best-endpoint-log-sources-for-threat-hunting Tue, 29 Sep 2020 11:32:41 -0400 Haylee Hewlett https://intel471.com/blog/you-can-only-hunt-what-you-can-see-best-endpoint-log-sources-for-threat-hunting An Overview of the Actors Behind the Largest MageCart Attack (So Far!) https://intel471.com/blog/an-overview-of-the-actors-behind-the-largest-magecart-attack-so-far Fri, 25 Sep 2020 11:23:33 -0400 Haylee Hewlett https://intel471.com/blog/an-overview-of-the-actors-behind-the-largest-magecart-attack-so-far The Trouble with Attribution in Cyber Threat Intelligence (Part 1) https://intel471.com/blog/the-trouble-with-attribution-in-cyber-threat-intelligence-part-1 Fri, 18 Sep 2020 11:22:18 -0400 Haylee Hewlett https://intel471.com/blog/the-trouble-with-attribution-in-cyber-threat-intelligence-part-1 Partners in crime: North Koreans and elite Russian-speaking cybercriminals https://intel471.com/blog/partners-in-crime-north-koreans-and-elite-russian-speaking-cybercriminals Wed, 16 Sep 2020 14:00:00 -0400 Haylee Hewlett https://intel471.com/blog/partners-in-crime-north-koreans-and-elite-russian-speaking-cybercriminals You Can Only Hunt What You Can See: Best Network Log Sources for Threat Hunting https://intel471.com/blog/you-can-only-hunt-what-you-can-see-best-network-log-sources-for-threat-hunting Tue, 08 Sep 2020 11:16:21 -0400 Haylee Hewlett 
https://intel471.com/blog/you-can-only-hunt-what-you-can-see-best-network-log-sources-for-threat-hunting Snatch Ransomware https://intel471.com/blog/snatch-ransomware Fri, 04 Sep 2020 12:36:00 -0400 Haylee Hewlett https://intel471.com/blog/snatch-ransomware COVID-19 and the Use of Offensive Cyber Operations https://intel471.com/blog/covid-19-and-the-use-of-offensive-cyber-operations Thu, 03 Sep 2020 11:14:32 -0400 Haylee Hewlett https://intel471.com/blog/covid-19-and-the-use-of-offensive-cyber-operations Threat Hunting & Threat Content Creation https://intel471.com/blog/threat-hunting-threat-content-creation Fri, 28 Aug 2020 11:13:00 -0400 Haylee Hewlett https://intel471.com/blog/threat-hunting-threat-content-creation The Rise of Doxware - Capable Ransomware https://intel471.com/blog/the-rise-of-doxware-capable-ransomware Thu, 27 Aug 2020 16:56:20 -0400 Haylee Hewlett https://intel471.com/blog/the-rise-of-doxware-capable-ransomware OSINT for Security Assessments https://intel471.com/blog/osint-for-security-assessments Wed, 26 Aug 2020 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/osint-for-security-assessments Black Hat USA 2020 Cyber Puzzle Solutions https://intel471.com/blog/black-hat-usa-2020-cyber-puzzle-solutions Wed, 12 Aug 2020 16:51:55 -0400 Haylee Hewlett https://intel471.com/blog/black-hat-usa-2020-cyber-puzzle-solutions Prioritizing “critical” vulnerabilities: A threat intelligence perspective https://intel471.com/blog/prioritizing-critical-vulnerabilities-a-threat-intelligence-perspective Wed, 12 Aug 2020 14:00:00 -0400 Haylee Hewlett https://intel471.com/blog/prioritizing-critical-vulnerabilities-a-threat-intelligence-perspective OSINT for Cyber Threat Intelligence 09.08.2020 https://intel471.com/blog/osint-for-cyber-threat-intelligence-09-08-2020 Sun, 09 Aug 2020 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/osint-for-cyber-threat-intelligence-09-08-2020 How Cyborg Security Creates Threat Hunting Content 
https://intel471.com/blog/how-cyborg-creates-threat-hunting-content Fri, 07 Aug 2020 11:05:39 -0400 Haylee Hewlett https://intel471.com/blog/how-cyborg-creates-threat-hunting-content Black Hat Webcast | Understanding and Disrupting Offensive Innovations https://intel471.com/blog/webcast-understanding-and-disrupting-offensive-innovations Thu, 30 Jul 2020 12:14:51 -0400 Haylee Hewlett https://intel471.com/blog/webcast-understanding-and-disrupting-offensive-innovations Chance Favors the Prepared Mind: Building an Advanced Threat Hunter https://intel471.com/blog/chance-favors-the-prepared-mind-building-an-advanced-threat-hunter Tue, 28 Jul 2020 17:32:34 -0400 Haylee Hewlett https://intel471.com/blog/chance-favors-the-prepared-mind-building-an-advanced-threat-hunter Flowspec – TA505’s bulletproof hoster of choice https://intel471.com/blog/bulletproof-hoster-of-choice Wed, 15 Jul 2020 14:00:00 -0400 Haylee Hewlett https://intel471.com/blog/bulletproof-hoster-of-choice Python Malware On The Rise https://intel471.com/blog/python-malware-on-the-rise Tue, 14 Jul 2020 09:27:38 -0400 Haylee Hewlett https://intel471.com/blog/python-malware-on-the-rise What the Heck is Threat Intelligence? 
https://intel471.com/blog/what-the-heck-is-threat-intelligence Fri, 10 Jul 2020 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/what-the-heck-is-threat-intelligence Iran’s domestic espionage: Lessons from recent data leaks https://intel471.com/blog/irans-domestic-espionage Wed, 08 Jul 2020 14:00:00 -0400 Haylee Hewlett https://intel471.com/blog/irans-domestic-espionage Threat Content, Not Automation, Fuels Effective Threat Hunting https://intel471.com/blog/threat-content-not-automation-fuels-effective-threat-hunting Tue, 07 Jul 2020 09:21:59 -0400 Haylee Hewlett https://intel471.com/blog/threat-content-not-automation-fuels-effective-threat-hunting Coronavirus having minimal impact on prices, demand, and availability across the cybercriminal underground https://intel471.com/blog/coronavirus-having-minimal-impact-on-prices-demand-and-availability-across-the-cybercriminal-underground Wed, 17 Jun 2020 14:00:00 -0400 Haylee Hewlett https://intel471.com/blog/coronavirus-having-minimal-impact-on-prices-demand-and-availability-across-the-cybercriminal-underground The Trouble With Threat Intelligence Today https://intel471.com/blog/the-trouble-with-threat-intelligence-today Wed, 03 Jun 2020 16:40:13 -0400 Haylee Hewlett https://intel471.com/blog/the-trouble-with-threat-intelligence-today 15 New modules for Open Source and SpiderFoot HX https://intel471.com/blog/15-new-modules-for-open-source-and-spiderfoot-hx Wed, 03 Jun 2020 00:00:00 -0400 Haylee Hewlett https://intel471.com/blog/15-new-modules-for-open-source-and-spiderfoot-hx SANS Webcast | Is Your Threat Hunting Effective? https://intel471.com/blog/webcast-is-your-threat-hunting-effective Tue, 26 May 2020 12:27:03 -0400 Haylee Hewlett https://intel471.com/blog/webcast-is-your-threat-hunting-effective A brief history of TA505 https://intel471.com/blog/a-brief-history-of-ta505 Thu, 21 May 2020 14:00:00 -0400 Haylee Hewlett https://intel471.com/blog/a-brief-history-of-ta505 You need to adjust your patch priorities! 
https://intel471.com/blog/you-need-to-adjust-your-patch-priorities Thu, 21 May 2020 14:00:00 -0400 Haylee Hewlett https://intel471.com/blog/you-need-to-adjust-your-patch-priorities Remexi Backdoor https://intel471.com/blog/remexi-backdoor Thu, 21 May 2020 11:12:00 -0400 Haylee Hewlett https://intel471.com/blog/remexi-backdoor Why You Need Internal SOC Analysts With Hands on Keyboards https://intel471.com/blog/why-you-need-internal-soc-analysts-with-hands-on-keyboards Mon, 18 May 2020 16:26:00 -0400 Haylee Hewlett https://intel471.com/blog/why-you-need-internal-soc-analysts-with-hands-on-keyboards Automation is a Tool for Analysts - Not Vice Versa https://intel471.com/blog/automation-is-a-tool-for-analysts-not-vice-versa Tue, 05 May 2020 16:18:48 -0400 Haylee Hewlett https://intel471.com/blog/automation-is-a-tool-for-analysts-not-vice-versa Changes in REvil ransomware version 2.2 https://intel471.com/blog/changes-in-revil-ransomware-version-2-2 Mon, 04 May 2020 14:00:00 -0400 Haylee Hewlett https://intel471.com/blog/changes-in-revil-ransomware-version-2-2 COVID-19 pandemic: Through the eyes of a cybercriminal https://intel471.com/blog/covid-19-pandemic-through-the-cybercriminals-eyes Thu, 30 Apr 2020 14:00:00 -0400 Haylee Hewlett https://intel471.com/blog/covid-19-pandemic-through-the-cybercriminals-eyes Network Content and You: Why Logs Matter in the Age of TLS\SSL https://intel471.com/blog/network-content-and-you-why-logs-matter-in-the-age-of-tlsssl Tue, 21 Apr 2020 16:06:38 -0400 Haylee Hewlett https://intel471.com/blog/network-content-and-you-why-logs-matter-in-the-age-of-tlsssl Understanding the relationship between Emotet, Ryuk and TrickBot https://intel471.com/blog/understanding-the-relationship-between-emotet-ryuk-and-trickbot Tue, 14 Apr 2020 14:00:00 -0400 Haylee Hewlett https://intel471.com/blog/understanding-the-relationship-between-emotet-ryuk-and-trickbot Porting the Bug Bounty Concept to Threat Hunting 
https://intel471.com/blog/porting-the-bug-bounty-concept-to-threat-hunting Thu, 09 Apr 2020 16:02:44 -0400 Haylee Hewlett https://intel471.com/blog/porting-the-bug-bounty-concept-to-threat-hunting REvil Ransomware-as-a-Service: An analysis of a ransomware affiliate operation https://intel471.com/blog/revil-ransomware-as-a-service-an-analysis-of-a-ransomware-affiliate-operation Wed, 01 Apr 2020 02:37:00 -0400 Haylee Hewlett https://intel471.com/blog/revil-ransomware-as-a-service-an-analysis-of-a-ransomware-affiliate-operation Why Artificial Intelligence Can't Save Your SOC https://intel471.com/blog/why-artificial-intelligence-cant-save-your-soc Tue, 31 Mar 2020 15:59:58 -0400 Haylee Hewlett https://intel471.com/blog/why-artificial-intelligence-cant-save-your-soc Analysis of an attempted attack against Intel 471 https://intel471.com/blog/analysis-of-an-attempted-attack-against-intel-471 Thu, 26 Mar 2020 02:43:00 -0400 Haylee Hewlett https://intel471.com/blog/analysis-of-an-attempted-attack-against-intel-471 3 Factors Holding Back Threat Hunting Today https://intel471.com/blog/3-factors-holding-back-threat-hunting-today Wed, 25 Mar 2020 15:47:48 -0400 Haylee Hewlett https://intel471.com/blog/3-factors-holding-back-threat-hunting-today Malicious actors leverage Coronavirus Disease 2019 fear to increase business https://intel471.com/blog/malicious-actors-leverage-coronavirus-disease-2019-fear-to-increase-business Thu, 19 Mar 2020 02:53:00 -0400 Haylee Hewlett https://intel471.com/blog/malicious-actors-leverage-coronavirus-disease-2019-fear-to-increase-business Threat Hunting and You: Why Content is Critical to Threat Hunting https://intel471.com/blog/threat-hunting-and-you-why-content-is-critical-to-threat-hunting Mon, 09 Mar 2020 15:41:08 -0400 Haylee Hewlett https://intel471.com/blog/threat-hunting-and-you-why-content-is-critical-to-threat-hunting Introducing Intel 471’s Cybercrime Underground General Intelligence Requirements (CU-GIR): a common framework to address a 
common challenge https://intel471.com/blog/introducing-intel-471s-cybercrime-underground-general-intelligence-requirements-cu-gir-a-common-framework-to-address-a-common-challenge Wed, 26 Feb 2020 02:33:00 -0500 Haylee Hewlett https://intel471.com/blog/introducing-intel-471s-cybercrime-underground-general-intelligence-requirements-cu-gir-a-common-framework-to-address-a-common-challenge Intelligence requirements: Moving from concept to practice https://intel471.com/blog/intelligence-requirements-moving-from-concept-to-practice Fri, 14 Feb 2020 02:31:00 -0500 Haylee Hewlett https://intel471.com/blog/intelligence-requirements-moving-from-concept-to-practice Nixintel: Crypto Scam Investigation Using SpiderFoot HX For OSINT Automation https://intel471.com/blog/nixintel-crypto-scam-investigation-using-spiderfoot-hx-for-osint-automation Mon, 16 Dec 2019 00:00:00 -0500 Haylee Hewlett https://intel471.com/blog/nixintel-crypto-scam-investigation-using-spiderfoot-hx-for-osint-automation Nixintel: SpiderFoot HX Case Study of Investigating A Phishing Domain https://intel471.com/blog/nixintel-spiderfoot-hx-case-study-of-investigating-a-phishing-domain Tue, 03 Dec 2019 00:00:00 -0500 Haylee Hewlett https://intel471.com/blog/nixintel-spiderfoot-hx-case-study-of-investigating-a-phishing-domain Nixintel: SpiderFoot HX Case Study of Investigating a Malicious IP Address. https://intel471.com/blog/nixintel-spiderfoot-hx-case-study-of-investigating-a-malicious-ip-address Thu, 21 Nov 2019 00:00:00 -0500 Haylee Hewlett https://intel471.com/blog/nixintel-spiderfoot-hx-case-study-of-investigating-a-malicious-ip-address In this blog post by SpiderFoot author, Steve Micallef, see how OSINT is used to investigate a Bitcoin scam. https://intel471.com/blog/how-osint-is-used-to-investigate-a-bitcoin-scam Mon, 18 Nov 2019 00:00:00 -0500 Haylee Hewlett https://intel471.com/blog/how-osint-is-used-to-investigate-a-bitcoin-scam Rae Baker Investigates an Online Scam using SpiderFoot HX. 
https://intel471.com/blog/rae-baker-investigates-an-online-scam-using-spiderfoot-hx Fri, 15 Nov 2019 00:00:00 -0500 Haylee Hewlett https://intel471.com/blog/rae-baker-investigates-an-online-scam-using-spiderfoot-hx Melting the deep and dark web myth and why we hate the phrase https://intel471.com/blog/melting-the-deep-and-dark-web-myth-and-why-we-hate-the-phrase Tue, 10 Sep 2019 02:29:00 -0400 Haylee Hewlett https://intel471.com/blog/melting-the-deep-and-dark-web-myth-and-why-we-hate-the-phrase OSINT is re-defining what an organisation’s perimeter looks like. https://intel471.com/blog/osint-is-re-defining-what-an-organisations-perimeter-looks-like Sun, 27 Jan 2019 00:00:00 -0500 Haylee Hewlett https://intel471.com/blog/osint-is-re-defining-what-an-organisations-perimeter-looks-like No, the criminal underground isn’t dropping its use of Bitcoin anytime soon https://intel471.com/blog/no-the-criminal-underground-isnt-dropping-its-use-of-bitcoin-anytime-soon Thu, 04 Jan 2018 02:28:00 -0500 Haylee Hewlett https://intel471.com/blog/no-the-criminal-underground-isnt-dropping-its-use-of-bitcoin-anytime-soon Naming malware: What’s in a name? https://intel471.com/blog/naming-malware-whats-in-a-name Wed, 31 May 2017 02:26:00 -0400 Haylee Hewlett https://intel471.com/blog/naming-malware-whats-in-a-name Being a cyber threat intelligence analyst and operating in the fog of uncertainty https://intel471.com/blog/being-a-cyber-threat-intelligence-analyst-and-operating-in-the-fog-of-uncertainty Thu, 18 May 2017 02:24:00 -0400 Haylee Hewlett https://intel471.com/blog/being-a-cyber-threat-intelligence-analyst-and-operating-in-the-fog-of-uncertainty Who hacked the Democratic National Committee? 
https://intel471.com/blog/who-hacked-the-democratic-national-committee Fri, 17 Jun 2016 02:23:00 -0400 Haylee Hewlett https://intel471.com/blog/who-hacked-the-democratic-national-committee Cyber threat intelligence: Why should I be worried about threats that aren’t specifically about my organization? https://intel471.com/blog/cyber-threat-intelligence-why-should-i-be-worried-about-threats-that-arent-specifically-about-my-organization Thu, 19 May 2016 02:21:00 -0400 Haylee Hewlett https://intel471.com/blog/cyber-threat-intelligence-why-should-i-be-worried-about-threats-that-arent-specifically-about-my-organization Actionable intelligence — Is it a capability problem or does your intelligence provider suck? https://intel471.com/blog/actionable-intelligence-is-it-a-capability-problem-or-does-your-intelligence-provider-suck Thu, 19 May 2016 02:19:00 -0400 Haylee Hewlett https://intel471.com/blog/actionable-intelligence-is-it-a-capability-problem-or-does-your-intelligence-provider-suck Cyber threat intelligence requirements: What are they, what are they for and how do they fit in the… https://intel471.com/blog/cyber-threat-intelligence-requirements-what-are-they-what-are-they-for-and-how-do-they-fit-in-the Thu, 19 May 2016 02:16:00 -0400 Haylee Hewlett https://intel471.com/blog/cyber-threat-intelligence-requirements-what-are-they-what-are-they-for-and-how-do-they-fit-in-the Cyber Threat Intelligence: Comparing the incident-centric and actor-centric approaches https://intel471.com/blog/cyber-threat-intelligence-comparing-the-incident-centric-and-actor-centric-approaches Thu, 19 May 2016 02:13:00 -0400 Haylee Hewlett https://intel471.com/blog/cyber-threat-intelligence-comparing-the-incident-centric-and-actor-centric-approaches Cyber Threat Intelligence: Observing the adversary https://intel471.com/blog/cyber-threat-intelligence-observing-the-adversary Tue, 17 May 2016 03:00:00 -0400 Haylee Hewlett https://intel471.com/blog/cyber-threat-intelligence-observing-the-adversary