Intel 471

We are thrilled to announce Ashley Jess of Intel 471 has been recognized as a "Woman to Watch" by SC Media’s 2024 Women in IT Security Awards! "Ashley Jess personifies a ‘Woman to Watch’ in cybersecurity,” said Michael DeBolt, Chief Intelligence Officer at Intel 471. “Besides being wicked smart, Ashley inspires others across the industry with her contagiously positive attitude and genuine commitment to empowering colleagues in the pursuit to leverage their knowledge, skills and competencies in protecting individuals, organizations and/or nations from cyber threats.” Please join us in congratulating Ashley! Read more here: https://hubs.ly/Q02Ycl-l0 #Intel471 #CTI #WomenInIT

Malware crypting services, called crypters, obfuscate malicious files to bypass and evade antivirus capabilities. Ransomware gangs increasingly outsource this work to third-parties in order to increase the effectiveness of their malware. In October, we observed several actors offering malware crypting services that can bypass Microsoft Edge, Google Chrome, and Microsoft Defender protection mechanisms. The growing commoditization of crypting services and tools makes it easier than ever for threat actors to wage malicious campaigns undetected by endpoint security. It also underscores why intelligence-driven threat hunting is now a must-have capability. 📌 Learn more about malware crypting on the Intel 471 blog: https://lnkd.in/dJUwX3ez 📌 Explore our full report on Adversary Intelligence to discover comprehensive insights into malware crypting in the cyber underground: https://lnkd.in/gt2ED7G7

Turla, a Russian APT linked to the FSB, has been a major cyber-espionage force for decades, exploiting critical infrastructure and stealing sensitive information with advanced techniques. Their Snake malware, a stealthy peer-to-peer espionage network, operated undetected for years. Snake’s ability to mimic legitimate Windows binaries, like “WerFault.exe,” highlights Turla’s expertise in evasion and persistence. In this case study, Intel 471 shares insights on Turla’s sophisticated methods and the importance of proactive threat hunting: https://hubs.la/Q02Y6XMJ0 #threathunting #threatintelligence #turla #cybersecurity

November 20, 2024, 12:00 - 1:00 PM ET: Join us for a hands-on workshop centered on the MITRE ATT&CK Discovery tactic (TA0007). Guided by our experts, this session will sharpen your skills in proactively identifying and disrupting potential attacker movements within your network. You’ll work directly with advanced tools in a realistic environment, gaining practical skills to take back to your organization. Complete the final challenge, and you’ll earn the "Threat Hunting – Discovery (Level I)" certification, a testament to your ability to stay ahead of adversaries. Perfect for cybersecurity pros ready to elevate their threat hunting approach. Sign up today: https://lnkd.in/gKsPcCP8 #threathunting #threatintelligence #cybersecurity #threathuntingworkshop #MITREATTACK #discovery

On this Veteran’s Day, let us remember all those who have served, and those who continue to serve. Your courage inspires us all. Thank you for your service and sacrifice. #VeteransDay

Mark your calendar for December 5th from 12:00 - 1:30 PM ET and join a special, holiday-themed episode of Out of the Woods: The Threat Hunting Podcast! This live event offers a unique, interactive experience on Discord, where you can connect with our hosts, participate in polls, ask questions, and engage with the cybersecurity community in real-time. In this episode, we’ll discuss what it takes to reach the “ideal outcome” in threat hunting, covering the must-have security stack, the impact of a well-structured hunt, and how to build lasting synergy within your team. Join us to explore the best practices and participate in the conversation. #threathunting #cybersecuritypodcast #threatintelligence #threathunters #outofthewoods

Telephone-oriented attack delivery (TOAD) techniques, including callback phishing and hybrid vishing, have been around for years and continue to be a primary tool used by cybercriminals and ransomware gangs. In the past year, we’ve seen an uptick in attacks using phone-based social engineering and TOAD techniques, including over 60 bad actors on underground forums offering illicit calling services. The recent headlines-making $243 million cryptocurrency heist in the USA involving bitcoin theft, carjacking, and abduction reflects the effectiveness of TOAD attacks. It also illustrates the real-world, upward trend of techniques at play, and calls for attack preparedness. 📌 Learn more about TOAD on the Intel 471 blog: https://lnkd.in/gXiUtBgP

We had a great time at ProVision in Bucharest today! We had a full day filled with insightful panel discussions, including great conversations with professionals in leading roles across cyber security. We remain committed to providing you the best #CTI solutions, and we’re honored to be your trusted source for cyber crime intelligence. Thank you #ProVision for a terrific event! #intel471 #cybersecurity #CTI

With the recent arrest of Alexander "Connor" Moucka, aka ‘Judische,’ Intel 471 examines his alleged techniques for compromising Snowflake accounts and his ties to cybercrime forums. Using infostealers like Vidar and RedLine, Moucka and other Com actors exploited identity security gaps, bypassed MFA, and employed SIM-swapping to access sensitive data. This blog sheds light on the tactics used and the security weaknesses they target, along with key steps to help strengthen defenses. Read the full analysis for a closer look at 'Judische' and his methods: https://hubs.la/Q02X5JYW0 #cybersecurity #threatintelligence #threathunting #snowflake #cybercrime

Intel 471’s Mike Mitchell joins PlexTrac’s Friends Friday podcast with Dan DeCloss to discuss “The Art and Science of Threat Hunting.” Together, they’ll explore key paths into threat hunting, operational success strategies, and industry experience insights. Tune in on Friday, November 8. Register today: https://hubs.la/Q02X5pRr0 #threathunting #cybersecurity #threatintelligence