Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-08-23Intel 471Intel 471
@online{471:20210823:heres:49f1424, author = {Intel 471}, title = {{Here's how to guard your enterprise against ShinyHunters}}, date = {2021-08-23}, organization = {Intel 471}, url = {https://intel471.com/blog/shinyhunters-data-breach-mitre-attack}, language = {English}, urldate = {2021-08-25} } Here's how to guard your enterprise against ShinyHunters
2021-07-14Intel 471Intel 471
@online{471:20210714:how:0cf4b03, author = {Intel 471}, title = {{How cybercriminals create turbulence for the transportation industry}}, date = {2021-07-14}, organization = {Intel 471}, url = {https://intel471.com/blog/how-cybercriminals-create-turbulence-for-the-transportation-industry}, language = {English}, urldate = {2021-07-29} } How cybercriminals create turbulence for the transportation industry
Mount Locker Nefilim
2021-06-23Intel 471Greg Otto
@online{otto:20210623:cybercriminals:63b3308, author = {Greg Otto}, title = {{Cybercriminals shop around for schemes targeting retail}}, date = {2021-06-23}, organization = {Intel 471}, url = {https://intel471.com/blog/retail-cybercrime-threats-2021}, language = {English}, urldate = {2021-06-24} } Cybercriminals shop around for schemes targeting retail
2021-06-22MaltegoMaltego Team, Intel 471
@online{team:20210622:chasing:91032a1, author = {Maltego Team and Intel 471}, title = {{Chasing DarkSide Affiliates: Identifying Threat Actors Connected to Darkside Ransomware Using Maltego & Intel 471}}, date = {2021-06-22}, organization = {Maltego}, url = {https://www.maltego.com/blog/chasing-darkside-affiliates-identifying-threat-actors-connected-to-darkside-ransomware-using-maltego-intel-471-1/}, language = {English}, urldate = {2021-06-23} } Chasing DarkSide Affiliates: Identifying Threat Actors Connected to Darkside Ransomware Using Maltego & Intel 471
DarkSide DarkSide
2021-06-08Intel 471Intel 471
@online{471:20210608:blurry:5b278e5, author = {Intel 471}, title = {{The blurry boundaries between nation-state actors and the cybercrime underground}}, date = {2021-06-08}, organization = {Intel 471}, url = {https://www.intel471.com/blog/cybercrime-russia-china-iran-nation-state}, language = {English}, urldate = {2021-06-16} } The blurry boundaries between nation-state actors and the cybercrime underground
Dridex Gameover P2P
2021-06-02Intel 471Greg Otto
@online{otto:20210602:call:ad8156c, author = {Greg Otto}, title = {{Call for crimes? Russian-language forum runs contest for cryptocurrency hacks}}, date = {2021-06-02}, organization = {Intel 471}, url = {https://intel471.com/blog/call-for-crimes-russian-language-forum-runs-contest-for-cryptocurrency-hacks}, language = {English}, urldate = {2021-06-24} } Call for crimes? Russian-language forum runs contest for cryptocurrency hacks
2021-05-19Intel 471Intel 471
@online{471:20210519:look:5ba9516, author = {Intel 471}, title = {{Look how many cybercriminals love Cobalt Strike}}, date = {2021-05-19}, organization = {Intel 471}, url = {https://www.intel471.com/blog/Cobalt-strike-cybercriminals-trickbot-qbot-hancitor}, language = {English}, urldate = {2021-05-19} } Look how many cybercriminals love Cobalt Strike
BazarBackdoor Cobalt Strike Hancitor QakBot SmokeLoader SystemBC TrickBot
2021-05-14Intel 471Intel 471
@online{471:20210514:moral:83d138a, author = {Intel 471}, title = {{The moral underground? Ransomware operators retreat after Colonial Pipeline hack}}, date = {2021-05-14}, organization = {Intel 471}, url = {https://www.intel471.com/blog/darkside-ransomware-shut-down-revil-avaddon-cybercrime}, language = {English}, urldate = {2021-05-17} } The moral underground? Ransomware operators retreat after Colonial Pipeline hack
DarkSide DarkSide
2021-05-10Intel 471Intel 471
@online{471:20210510:heres:ebc6e81, author = {Intel 471}, title = {{Here’s what we know about DarkSide ransomware}}, date = {2021-05-10}, organization = {Intel 471}, url = {https://www.intel471.com/blog/darkside-ransomware-colonial-pipeline-attack}, language = {English}, urldate = {2021-05-13} } Here’s what we know about DarkSide ransomware
DarkSide
2021-04-26Intel 471Intel 471
@online{471:20210426:cybercriminal:a1f6da3, author = {Intel 471}, title = {{The cybercriminal underground hasn’t forgotten about financial services}}, date = {2021-04-26}, organization = {Intel 471}, url = {https://www.intel471.com/blog/financial-cybercrime-2021-jackpotting-atm-malware}, language = {English}, urldate = {2021-05-03} } The cybercriminal underground hasn’t forgotten about financial services
2021-04-19Intel 471Intel 471
@online{471:20210419:how:2cba4f2, author = {Intel 471}, title = {{How China’s cybercrime underground is making money off big data}}, date = {2021-04-19}, organization = {Intel 471}, url = {https://intel471.com/blog/china-cybercrime-big-data-privacy-laws/}, language = {English}, urldate = {2021-04-20} } How China’s cybercrime underground is making money off big data
2021-04-06Intel 471Intel 471
@online{471:20210406:ettersilent:b591f59, author = {Intel 471}, title = {{EtterSilent: the underground’s new favorite maldoc builder}}, date = {2021-04-06}, organization = {Intel 471}, url = {https://intel471.com/blog/ettersilent-maldoc-builder-macro-trickbot-qbot/}, language = {English}, urldate = {2021-04-06} } EtterSilent: the underground’s new favorite maldoc builder
BazarBackdoor ISFB QakBot TrickBot
2021-02-17Intel 471Intel 471
@online{471:20210217:egregor:6194a4b, author = {Intel 471}, title = {{Egregor operation takes huge hit after police raids}}, date = {2021-02-17}, organization = {Intel 471}, url = {https://intel471.com/blog/egregor-arrests-ukraine-sbu-maze-ransomware}, language = {English}, urldate = {2021-02-20} } Egregor operation takes huge hit after police raids
Egregor
2021-01-27Intel 471Intel 471
@online{471:20210127:emotet:0a7344b, author = {Intel 471}, title = {{Emotet takedown is not like the Trickbot takedown}}, date = {2021-01-27}, organization = {Intel 471}, url = {https://intel471.com/blog/emotet-takedown-2021/}, language = {English}, urldate = {2021-01-29} } Emotet takedown is not like the Trickbot takedown
Emotet
2021-01-15Intel 471Intel 471
@online{471:20210115:last:c976da0, author = {Intel 471}, title = {{Last Dash for Joker’s Stash: Carding forum may close in 30 days}}, date = {2021-01-15}, organization = {Intel 471}, url = {https://intel471.com/blog/jokers-stash-closed-february-2021/}, language = {English}, urldate = {2021-01-18} } Last Dash for Joker’s Stash: Carding forum may close in 30 days
2020-12-18Intel 471Intel 471
@online{471:20201218:ta505s:8fb97af, author = {Intel 471}, title = {{TA505’s modified loader means new attack campaign could be coming}}, date = {2020-12-18}, organization = {Intel 471}, url = {https://intel471.com/blog/ta505-get2-loader-malware-december-2020/}, language = {English}, urldate = {2020-12-19} } TA505’s modified loader means new attack campaign could be coming
Get2
2020-12-16Intel 471Intel 471
@online{471:20201216:intel471s:f245d05, author = {Intel 471}, title = {{Intel471's full statement on their knowledge of SolarWinds and the cybercriminal underground}}, date = {2020-12-16}, organization = {Intel 471}, url = {https://twitter.com/Intel471Inc/status/1339233255741120513}, language = {English}, urldate = {2020-12-17} } Intel471's full statement on their knowledge of SolarWinds and the cybercriminal underground
SUNBURST
2020-12-10Intel 471Intel 471
@online{471:20201210:no:9fd2ae1, author = {Intel 471}, title = {{No pandas, just people: The current state of China’s cybercrime underground}}, date = {2020-12-10}, organization = {Intel 471}, url = {https://intel471.com/blog/china-cybercrime-undergrond-deepmix-tea-horse-road-great-firewall/}, language = {English}, urldate = {2020-12-10} } No pandas, just people: The current state of China’s cybercrime underground
Anubis SpyNote AsyncRAT Cobalt Strike Ghost RAT NjRAT
2020-12-01Intel 471Intel 471
@online{471:20201201:steal:db9aadd, author = {Intel 471}, title = {{Steal, then strike: Access merchants are first clues to future ransomware attacks}}, date = {2020-12-01}, organization = {Intel 471}, url = {https://intel471.com/blog/ransomware-attack-access-merchants-infostealer-escrow-service/}, language = {English}, urldate = {2020-12-17} } Steal, then strike: Access merchants are first clues to future ransomware attacks
DoppelPaymer
2020-11-23Intel 471Intel 471
@online{471:20201123:heres:1435e96, author = {Intel 471}, title = {{Here’s what happens after a business gets hit with ransomware}}, date = {2020-11-23}, organization = {Intel 471}, url = {https://intel471.com/blog/how-to-recover-from-a-ransomware-attack/}, language = {English}, urldate = {2020-12-17} } Here’s what happens after a business gets hit with ransomware