How an alleged Russian hacker slipped away
Russian man Andrei Tarasov was indicted on cybercrime charges related to the Angler exploit kit. He was arrested in Germany but slipped away to Russia — despite his anti-Russian views.
Andrei Tarasov: Inside the Journey of a Russian Hacker on the FBI’s Most Wanted List
The precise date of his flight from Russia is unknown – but despite this antipathy, he returned to Russia in January 2024. This period between the two events is the focus of a report from Intel 471.
Staying Ahead with Threat Intelligence: Michael DeBolt Of Intel 471 On How to Stay Informed and Agile About New Cyber Security Threats
As Chief Intelligence Officer, Michael DeBolt is part of the Intel 471 executive team leading a globally diverse team of adversary and technical researchers, linguists, analysts, and intelligence consultants serving client CTI teams representing organizations in all shapes and sizes.
Threat hunting case study: Medusa ransomware
The Medusa gang is one of the most active ransomware-as-a-service groups. Here's how to threat hunt for a User Account Control bypass, one of the tactics, techniques and procedures this group and its affiliates use.
The Business Value of Threat Hunting
Threat hunting has become indispensable for finding advanced criminal, nation-state, and state-backed threats that use popular techniques to evade detection.
Maximizing returns on cybersecurity investments with Intelligence-Driven Threat Hunting
This webinar offers security leaders and decision makers useful strategies to build a successful threat hunt program aligned with their corporate goals.
SANS 2025 Threat Hunting Survey: Staged for Success
In this paper, we examine these major trends in detail, and explore how Intel 471’s HUNTER platform provides solutions to the issues presented.
DragonForce Ransomware
DragonForce is a Ransomware-as-a-Service group targeting global industries with customizable payloads, enabling widespread attacks and persistent extortion through an affiliate-driven model.
CVE-2025-31324 - SAP NetWeaver Vulnerability
CVE-2025-31324 is a critical flaw in SAP NetWeaver’s Visual Composer that allows unauthenticated attackers to upload malicious files and gain full system control. Threat actors are already exploiting it in the wild using JSP web shells for persistence and data theft.
Meet Emma…HR Disruptor and Club member!
As VP of HR, Emma Denning leads a team that balances strategy with agility, ensuring a globally dispersed, remote workforce stays connected, engaged, and empowered. From replacing policies with light touch principles to championing trust and accountability, Emma is helping shape an HR function that truly supports both people and performance. In this spotlight, Emma shares her insights on what it takes to build an agile, people-first HR function that truly makes a difference.
Managing a cyber crisis
Cyber incidents pose not only technical challenges but communications challenges. Tom Bolitho of FTI Consulting shares guidance on successful strategies to manage complex stakeholder demands and minimize reputational damage.
Threat Hunting: A Deep Dive into Malware
Discover how to strengthen your CTI program and improve your defenses by moving from IOCs to implementing behavior-based threat hunting. Join Jorge Rodríguez, director of malware research at Intel 471, in our next webinar on April 30.