The highly disruptive and destructive cyber incidents across the past year have reinforced the need for the U.K. to raise the level of cyber resilience in all critical sectors.
cyberintel.kalymoon.com · 1260 articles · updated every 4 hours · grows forever
Relying upon AI-driven cybersecurity to fend off cyberattacks raises a paradox: improving speed and productivity is a game changer, but it carries a risk to quality, fidelity and trust. The battle aga…
Pro-Russian hacktivists leveraged the media spotlight amidst protests and suspected acts of sabotage in Italy. But state-sponsored cyber campaigns appear muted compared to past Olympics events.
A threat hunting program backed by the right metrics and proper documentation of hunts can reduce breach costs and, in the event of a breach, demonstrate operational maturity to insurers and regulator…
A new threat actor has launched what appears to be a fake ransomware-as-a-service (RaaS) operation called 0APT.
Our Geopolitical Intelligence and Threat Hunting teams collaborate closely to help customers monitor, respond to and mitigate cyber risks.
CrazyHunter is a ransomware campaign targeting healthcare that weakens endpoint defenses and escalates privileges before encrypting systems at scale.
DevMan Ransomware is a newly emerging ransomware operation observed in 2025 that has been assessed as a derivative of the DragonForce ransomware family.
Announcing Tuning, a new utility in the Guided Threat Hunts feature of HUNTER, the industry’s leading library of behavioral hunt packages and the Hunt Management Module, available on the Verity471 cyb…
Eric Huber is Cybercrime Research Leader with TD Bank. In this Studio 471, he discusses why check fraud is such a huge problem in the U.S. and how banks can counter it.
Gootloader resurfaced with enhanced capabilities, building on the multi-stage loader malware first seen in 2020.
The "Shai-Hulud" worm represents a significant escalation in software supply chain attacks, particularly within the Node.js ecosystem.
Intel 471 discovered a new Android trojan, FvncBot, that masquerades as a security application for mBank, a major Polish bank. Our Malware Intelligence team analyzed its code, which is new and not bas…
Black Friday kicks off retailers’ most profitable season—and also a peak period for cybercriminals, who exploit the surge in online shopping and payment activity.
Initial access brokers sell information about or access to compromised computers. Here's how to threat hunt for a known attack behavior involving PowerShell that's used by a prolific initial access br…
Tim Pappa is a former FBI supervisory special agent who specializes in deception techniques. In this Studio 471, he discusses what threat intelligence can be gained using deception and how organizatio…
Lynx Ransomware is rapidly expanding, targeting organizations across North America and Europe with data theft and double extortion, backed by a growing network of skilled affiliates.
Qilin Ransomware Group is a rapidly evolving RaaS operation that first became widely visible in mid-2022 and has since escalated its attacks in both volume and sophistication.
Malware distribution campaigns that trick people into copying and pasting malicious commands, known as ClickFix, have been wildly successful. Here's an examination of ClickFix and how to defend agains…
Intel 471’s Public Sector team is regularly called upon to provide cyber investigation support, threat insights and real-life attribution in support of global law enforcement operations.
Payment card "checkers" are used by criminal hackers to check the validity of stolen payment card details. Here's how this in-demand underground service works.
In this Studio 471, Michael Fletcher, a former Cybercrime Technical Analyst with the Australian Federal Police, describes the origin of The Com and how threat actors in this sphere pose a threat.
Discover how the next phase of Intel 471’s Geopolitical Intelligence solution protects your organization against both physical and cyber threats arising from shifting global dynamics.
European law enforcement officials say a secret U.S. FBI task force called Group 78 used covert tactics to disrupt the Black Basta ransomware group, but it has caused tension. Intel 471 analyzes the d…