Black Friday kicks off retailers’ most profitable season—and also a peak period for cybercriminals, who exploit the surge in online shopping and payment activity.
cyberintel.kalymoon.com · 983 articles · updated every 4 hours · grows forever
Initial access brokers sell information about or access to compromised computers. Here's how to threat hunt for a known attack behavior involving PowerShell that's used by a prolific initial access br…
Tim Pappa is a former FBI supervisory special agent who specializes in deception techniques. In this Studio 471, he discusses what threat intelligence can be gained using deception and how organizatio…
Lynx Ransomware is rapidly expanding, targeting organizations across North America and Europe with data theft and double extortion, backed by a growing network of skilled affiliates.
Qilin Ransomware Group is a rapidly evolving RaaS operation that first became widely visible in mid-2022 and has since escalated its attacks in both volume and sophistication.
Malware distribution campaigns that trick people into copying and pasting malicious commands, known as ClickFix, have been wildly successful. Here's an examination of ClickFix and how to defend agains…
Intel 471’s Public Sector team is regularly called upon to provide cyber investigation support, threat insights and real-life attribution in support of global law enforcement operations.
Payment card "checkers" are used by criminal hackers to check the validity of stolen payment card details. Here's how this in-demand underground service works.
In this Studio 471, Michael Fletcher, a former Cybercrime Technical Analyst with the Australian Federal Police, describes the origin of The Com and how threat actors in this sphere pose a threat.
Discover how the next phase of Intel 471’s Geopolitical Intelligence solution protects your organization against both physical and cyber threats arising from shifting global dynamics.
European law enforcement officials say a secret U.S. FBI task force called Group 78 used covert tactics to disrupt the Black Basta ransomware group, but it has caused tension. Intel 471 analyzes the d…
Summary Note: This joint Cybersecurity Advisory is being published as an addition to the Cybersecurity and Infrastructure Security Agency (CISA) May 6, 2025, joint fact sheet Primary Mitigations to Re…
Advisory at a Glance Executive Summary CISA began incident response efforts at a U.S. federal civilian executive branch (FCEB) agency following the detection of potential malicious activity identified…
Executive summary People’s Republic of China (PRC) state-sponsored cyber threat actors are targeting networks globally, including, but not limited to, telecommunications, government, transportation, l…
Summary The Cybersecurity and Infrastructure Security Agency (CISA) and U.S. Coast Guard (USCG) are issuing this Cybersecurity Advisory to present findings from a recent CISA and USCG hunt engagement.…
Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat …
Summary The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this advisory in response to ransomware actors leveraging unpatched instances of a vulnerability in SimpleHelp Remote M…
Summary The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint advisory to disseminate known tactics, techniques, and proced…
Executive Summary This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involve…
Executive summary Many networks have a gap in their defenses for detecting and blocking a malicious technique known as “fast flux.” This technique poses a significant threat to national security, enab…
Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders detailing various ransomware variants and ransomware threat act…
Inside Olympic Cybersecurity: Lessons From Paris 2024 to Milan Cortina 2026 Dark Reading
Microsoft, CrowdStrike, other cyber firms collaborate on threat actor taxonomy Cybersecurity Dive
IBM X-Force 2025 Threat Intelligence Index IBM