Click here to download all references as Bib-File.•
2021-06-22
⋅
Maltego
⋅
Chasing DarkSide Affiliates: Identifying Threat Actors Connected to Darkside Ransomware Using Maltego & Intel 471 DarkSide DarkSide |
2021-06-08
⋅
Intel 471
⋅
The blurry boundaries between nation-state actors and the cybercrime underground Dridex Gameover P2P |
2021-06-02
⋅
Intel 471
⋅
Call for crimes? Russian-language forum runs contest for cryptocurrency hacks |
2021-05-19
⋅
Intel 471
⋅
Look how many cybercriminals love Cobalt Strike BazarBackdoor Cobalt Strike Hancitor QakBot SmokeLoader SystemBC TrickBot |
2021-05-14
⋅
Intel 471
⋅
The moral underground? Ransomware operators retreat after Colonial Pipeline hack DarkSide DarkSide |
2021-05-10
⋅
Intel 471
⋅
Here’s what we know about DarkSide ransomware DarkSide |
2021-04-26
⋅
Intel 471
⋅
The cybercriminal underground hasn’t forgotten about financial services |
2021-04-19
⋅
Intel 471
⋅
How China’s cybercrime underground is making money off big data |
2021-04-06
⋅
Intel 471
⋅
EtterSilent: the underground’s new favorite maldoc builder BazarBackdoor ISFB QakBot TrickBot |
2021-02-17
⋅
Intel 471
⋅
Egregor operation takes huge hit after police raids Egregor |
2021-01-27
⋅
Intel 471
⋅
Emotet takedown is not like the Trickbot takedown Emotet |
2021-01-15
⋅
Intel 471
⋅
Last Dash for Joker’s Stash: Carding forum may close in 30 days |
2020-12-18
⋅
Intel 471
⋅
TA505’s modified loader means new attack campaign could be coming Get2 |
2020-12-16
⋅
Intel 471
⋅
Intel471's full statement on their knowledge of SolarWinds and the cybercriminal underground SUNBURST |
2020-12-10
⋅
Intel 471
⋅
No pandas, just people: The current state of China’s cybercrime underground Anubis SpyNote AsyncRAT Cobalt Strike Ghost RAT NjRAT |
2020-12-01
⋅
Intel 471
⋅
Steal, then strike: Access merchants are first clues to future ransomware attacks DoppelPaymer |
2020-11-23
⋅
Intel 471
⋅
Here’s what happens after a business gets hit with ransomware |
2020-11-16
⋅
Intel 471
⋅
Ransomware-as-a-service: The pandemic within a pandemic Avaddon Clop Conti DoppelPaymer Egregor Hakbit Mailto Maze Mespinoza RagnarLocker REvil Ryuk SunCrypt ThunderX |
2020-11-10
⋅
Intel 471
⋅
Trickbot down, but is it out? BazarBackdoor TrickBot |
2020-10-28
⋅
Intel 471
⋅
Alleged REvil member spills details on group’s ransomware operations REvil |
2020-10-20
⋅
Intel 471
⋅
Global Trickbot disruption operation shows promise TrickBot |
2020-10-15
⋅
Intel 471
⋅
That was quick: Trickbot is back after disruption attempts TrickBot |
2020-09-16
⋅
Intel 471
⋅
Partners in crime: North Koreans and elite Russian-speaking cybercriminals TrickBot |
2020-08-12
⋅
Intel 471
⋅
Prioritizing “critical” vulnerabilities: A threat intelligence perspective |
2020-07-15
⋅
Intel 471
⋅
Flowspec – TA505’s bulletproof hoster of choice Get2 |
2020-07-08
⋅
Intel 471
⋅
Iran’s domestic espionage: Lessons from recent data leaks |
2020-05-21
⋅
Intel 471
⋅
A brief history of TA505 AndroMut Bart Dridex FlawedAmmyy FlawedGrace Gandcrab Get2 GlobeImposter Jaff Kegotip Locky Necurs Philadephia Ransom Pony QuantLoader Rockloader SDBbot ServHelper Shifu Snatch TrickBot |
2020-05-04
⋅
Intel 471
⋅
Changes in REvil ransomware version 2.2 REvil |
2020-04-14
⋅
Intel 471
⋅
Understanding the relationship between Emotet, Ryuk and TrickBot Emotet Ryuk TrickBot |
2020-03-31
⋅
Intel 471
⋅
REvil Ransomware-as-a-Service – An analysis of a ransomware affiliate operation Gandcrab REvil |