Research

Cutting edge threat intelligence and research from the Intel 471 team
Bulletproof Hosting Services and Cybercrime: Yalishanda Case Study

Apr 12, 2022

Intel 471 closely monitors numerous BPH operations, but one has grown in popularity across the underground: Yalishanda.

Initial Access Offers, Ransomware Incidents

Apr 05, 2022

Purchasing access to organizations allows threat actors to reduce the time it takes to enter an environment. In 2021, the average time between a network access offer and a ransomware-as-a-service (RaaS) affiliate program breaching the same entity was 71 days.

Ransomware Variants Q4 2021

Mar 14, 2022

This report examines events related to the leading ransomware variants in Q4 2021, specifically those observed by Intel 471.

Overview of Cyber Threat Trends to Beware of in 2022

Feb 22, 2022

Cybersecurity increasingly has become a priority for organizations across all sectors as technology continues to advance worldwide. This report aims to provide a high-level overview of these threats, which likely will remain prevalent and worthy of continued focus throughout 2022.

Threat Actors Looking for a Steal: Key Threats Impacting the Retail Industry

Feb 17, 2022

The retail industry is a highly targeted vertical, a trend Intel 471 assesses is certain to continue since defrauding retailers remains a lucrative pursuit for financially motivated threat actors.

Log4j Vulnerability Situation Report

Dec 17, 2021

This report aims to provide you with a consolidated update of all of our findings regarding the Log4j aka Log4Shell vulnerability, tracked as CVE-2021-44228, up to December 16, 2021.

451 Research Publishes Intel 471 Report

Jul 20, 2021

Intel 471 analysis identifies the most useful among forums and venues of greatest relevance to cyberthreats affecting its clients.

Cobalt Strike - A Toolkit for Pentesters Whitepaper

May 19, 2021

The cybercrime underground’s adoption of Cobalt Strike correlates with the rise in ransomware activity over the past few years.

Frost & Sullivan 2021 Customer Value Leadership Award Intel 471

May 18, 2021

For its strong overall performance, Intel 471 is recognized with Frost & Sullivan’s 2021 Customer Value Leadership Award.

Threats Persist Against Financial Services Sector: Products, Goods, Services Continue to Fuel Attack Schemes

Apr 22, 2021

The financial services sector continues to garner serious interest from underground threat actors, and that is unlikely to change during the following year.

Leveraging Intel 471’s Malware Intelligence Data Using MISP Whitepaper

Mar 26, 2021

Using Intel 471’s Malware Intelligence with MISP provides clients with constant coverage of top-tier malware families.

Mobile Malware - Underground Perspective Whitepaper

Feb 01, 2021

As customers shifted to mobile banking, the focus of mobile malware also changed. Threat actors began to execute attacks on the infected device using overlays to phish data and two-factor authentication (2FA) tokens from victims.

Government Censorship, Surveillance Influence Chinese Cybercrime Underground Whitepaper

Dec 08, 2020

The underground marketplace functions like any other marketplace, including buyers and sellers with fluctuating supply and demand for different products and services.