Category Archives: Intel 471

A Retrospective on the 2015 Ashley Madison Breach

Posted on by

It’s been seven years since the online cheating site AshleyMadison.com was hacked and highly sensitive data about its users posted online. The leak led to the public shaming and extortion of many AshleyMadison users, and to at least two suicides. To date, little is publicly known about the perpetrators or the true motivation for the attack. But a recent review of AshleyMadison mentions across Russian cybercrime forums and far-right underground websites in the months leading up to the hack revealed some previously unreported details that may deserve further scrutiny. Continue reading A Retrospective on the 2015 Ashley Madison Breach

TrickBot malware suddenly got quiet, researchers say, but it’s hardly the end for its operators

Posted on by

The operators of TrickBot have essentially shut down the notorious malware, multiple reports say, but evidence suggests the gang has begun using other platforms or folded operations into another cybercrime group altogether. Researchers at Intel471 and AdvIntel noted a sharp dip in recent TrickBot activity in separate reports Thursday, even though the command-and-control infrastructure for the malware remains operational. Intel471 said “it’s likely that the Trickbot operators have phased Trickbot malware out of their operations in favor of other platforms,” probably Emotet — a development researchers have been tracking for months. AdvIntel’s Yelisey Boguslavskiy, meanwhile, said in his report that TrickBot’s operators had been subsumed into Conti, a Russia-linked cybercrime group known for offering “ransomware as a service” packages to its affiliates. Researchers previously had noted TrickBot connections with Conti. “In name, at least, this means that TrickBot’s four-year saga is now coming to a close — the liaison that […]

The post TrickBot malware suddenly got quiet, researchers say, but it’s hardly the end for its operators appeared first on CyberScoop.

Continue reading TrickBot malware suddenly got quiet, researchers say, but it’s hardly the end for its operators

CyCognito partners with Intel 471 to strengthen cybersecurity postures for enterprise customers

Posted on by

CyCognito announced that it has established a new alliance with Intel 471, a premier cybercrime intelligence provider. CyCognito addresses a fundamental security gap created when organizations use the internet to create IT ecosystems that span on-premi… Continue reading CyCognito partners with Intel 471 to strengthen cybersecurity postures for enterprise customers

ThreatQ v5 supports the SOC of the future with data management capabilities

Posted on by

ThreatQuotient announced v5 of the ThreatQ platform, launching capabilities needed today to support the security operations center (SOC) of the future, where data is the foundation. ThreatQ’s newest features include a unique DataLinq Engine for connect… Continue reading ThreatQ v5 supports the SOC of the future with data management capabilities

The Rise of One-Time Password Interception Bots

Posted on by

In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. That service quickly went offline, but new research reveals a number of competitors have since launched bot-based services that make it relatively easy for crooks to phish OTPs from targets. Continue reading The Rise of One-Time Password Interception Bots

Leveraging threat intelligence to tackle supply chain vulnerabilities

Posted on by

In this interview with Help Net Security, Brandon Hoffman, CISO at Intel 471, talks about the growing threat of supply chain attacks, the most common supply chain vulnerabilities and how the right threat intelligence can help stay on top of these threa… Continue reading Leveraging threat intelligence to tackle supply chain vulnerabilities

Groove ransomware gang is a motley crew of disgruntled hackers, researchers say

Posted on by

Another new ransomware gang is making waves with an unconventional structure, its unique pedigree and an early victim. A coalition of researchers on Thursday explained what makes Groove, a gang that quietly emerged in July with a website, different: Namely, it eschews the traditional ransomware-as-a-service hierarchy in favor of an opportunistic pledge that they’ll work with anyone as long as there’s money to be made. The researchers — from McAfee, Intel 471 and Coveware — traced the group’s origins to a likely split with the Babuk gang, part of a trend of turmoil within extortion groups that use the ransomware-as-a-service (RaaS) model where affiliates get to use an outfit’s malware in exchange for sharing profits. For instance, a disgruntled former Conti affiliate recently leaked the group’s attack playbook. Already, there’s evidence the researchers uncovered that Groove has worked with another ransomware gang, BlackMatter, that likewise recently emerged. That group is […]

The post Groove ransomware gang is a motley crew of disgruntled hackers, researchers say appeared first on CyberScoop.

Continue reading Groove ransomware gang is a motley crew of disgruntled hackers, researchers say

Thoma Bravo invests in Intel 471 to boost threat preparedness capabilities worldwide

Posted on by

Thoma Bravo announced it has signed a definitive agreement to make a strategic growth investment in Intel 471, a provider of cyber threat intelligence for leading enterprises and governments. Co-founders Mark Arena and Jason Passwaters will continue to… Continue reading Thoma Bravo invests in Intel 471 to boost threat preparedness capabilities worldwide

Why RaaS Has Become Easier to Launch

Posted on by

Straight from the researchers at Intel 471 comes this pro tip for cybersecurity teams inside organizations: Being proactive about what the cybercriminal underground is learning and how it’s behaving can help you pinpoint solutions for your secur… Continue reading Why RaaS Has Become Easier to Launch