Qilin Ransomware Adds "Call Lawyer" Feature to Pressure Victims for Larger Ransoms
The threat actors behind the Qilin ransomware-as-a-service (RaaS) scheme are now offering legal counsel for affiliates to put more pressure on victims to pay up, as the cybercrime group intensifies its activity and tries to fill the void left by its rivals.

Andrei Tarasov: Escape Artist, Nihilist, Dangerous Russian Cybercriminal
Security Week’s Kevin Townsend writes that a recent Intel 471 report explores the career of Andrei Tarasov, a cybercriminal deeply involved in exploit kit and ransomware operations.

Researchers warn of privilege escalation attacks on Android devices
Research published by Intel 471 found a surge in Android malware that involves hidden virtual network computing, keylogging, and remote control functionalities.

The Mystery Behind Notorious Russian Hacker DukeEugene
The hacker, known as DukeEugene, who the experts said sold expensive Android hacking services to other criminals, told everyone exactly where he was going: the frontlines of the invasion of Ukraine.

DragonForce Ransomware Group – The Rise of a Relentless Cyber Threat in 2025
The cybersecurity landscape has witnessed the emergence of increasingly sophisticated ransomware operations, with DragonForce standing out as a particularly concerning threat actor that has evolved from politically motivated attacks to large-scale financial extortion campaigns.

Three things to learn to stay afloat in today’s digital world
AI is seeping into our everyday lives through the smallest of holes. Do you feel like a dinosaur if you are not using AI? It seems that many employees are being pressured into vibe’ing at work by using some large language model (LLM).

Here’s why ignoring politics is no longer an option for cyber pros
Ashley Jess, an Intel 471 senior intelligence analyst, was quoted in this Cybernews article on the intersection of cyber and politics.

Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks
Intel 471, in a report last week, highlighted an increase in Android malware incorporating hidden virtual network computing (HVNC), keylogging, and remote control functionalities, and a decrease in web injects.

How emerging ransomware trends can help inform payment decisions
Thanks to intensified activity on the part of law enforcement agencies worldwide – resulting in the shutdown of highly profitable and destructive ransomware-as-a-service (RaaS) groups such as LockBit – we’ve seen some encouraging signs within the ongoing fight against ransomware threats.

Threat Actors Exploit Malware Loaders to Circumvent Android 13+ Accessibility Safeguards
Threat actors have successfully adapted to Google’s stringent accessibility restrictions introduced in Android 13 and later versions. According to Intel 471's report, this loader enables attackers to sidestep Google’s restrictions, ensuring that malware can exploit accessibility features to harvest sensitive data and execute unauthorized actions.