The groups, calling themselves IT Army of Russia and TwoNet, use the Telegram messaging app to coordinate operations, recruit insiders and collect information about targets in Ukraine, according to a new report by cybersecurity firm Intel 471.
The threat actors behind the Qilin ransomware-as-a-service (RaaS) scheme are now offering legal counsel for affiliates to put more pressure on victims to pay up, as the cybercrime group intensifies its activity and tries to fill the void left by its rivals.
Security Week’s Kevin Townsend writes that a recent Intel 471 report explores the career of Andrei Tarasov, a cybercriminal deeply involved in exploit kit and ransomware operations.
Research published by Intel 471 found a surge in Android malware that involves hidden virtual network computing, keylogging, and remote control functionalities.
The cybersecurity landscape has witnessed the emergence of increasingly sophisticated ransomware operations, with DragonForce standing out as a particularly concerning threat actor that has evolved from politically motivated attacks to large-scale financial extortion campaigns.
The hacker, known as DukeEugene, who the experts said sold expensive Android hacking services to other criminals, told everyone exactly where he was going: the frontlines of the invasion of Ukraine.
AI is seeping into our everyday lives through the smallest of holes. Do you feel like a dinosaur if you are not using AI? It seems that many employees are being pressured into vibe’ing at work by using some large language model (LLM).
Ashley Jess, an Intel 471 senior intelligence analyst, was quoted in this Cybernews article on intersection of cyber and politics.
Intel 471, in a report last week, highlighted an increase in Android malware incorporating hidden virtual network computing (HVNC), keylogging, and remote control functionalities, and a decrease in web injects.
Thanks to intensified activity on the part of law enforcement agencies worldwide – resulting in the shutdown of highly profitable and destructive ransomware-as-a-service (RaaS) groups such as LockBit – we’ve seen some encouraging signs within the ongoing fight against ransomware threats.
Threat actors have successfully adapted to Google’s stringent accessibility restrictions introduced in Android 13 and later versions. According to Intel 471's Report, this loader enables attackers to sidestep Google’s restrictions, ensuring that malware can exploit accessibility features to harvest sensitive data and execute unauthorized actions.
Mike Mitchell, VP of Threat Hunting at Intel 471, explains how the LOTL adversaries will swiftly learn that there is no more “land to live off of,” nor any places left to hide in plain sight.
Stay informed with our weekly executive update, sending you the latest news and timely data on the threats, risks, and regulations affecting your organization.