Intel 471

Chinese cyber threat groups are adapting their tactics to evade detection and scale their attacks. They’re exploiting zero-day vulnerabilities in edge devices like firewalls and VPNs, using legitimate tools to operate undetected within networks, and relying on advanced relay networks to hide their activity. These evolving methods are aimed at critical sectors like energy, telecom, and healthcare, putting vital infrastructure at risk. Our latest blog examines these trends, why they matter, and how organizations can protect themselves: https://hubs.la/Q02YM2Xj0 #APT #threatintelligence #threathunting #cybersecurity

We had an incredible time hosting our 471 UnConference in Cincinnati! Thanks to everyone who attended. We hoped you walked away with valuable insights to fight cyber crime and keep our digital world safe and secure. We look forward to seeing you at our next UnConference!?? #Intel471 #471UnConference #CyberThreats #CyberSecurity

Ransomware remains an ever-present operational, financial, and reputational risk to organizations. Recently featured in SecurityInfoWatch, Jeremy Kirk, Executive Editor at Intel 471, reviews ransomware gang activity from the second quarter of this year, focusing specifically on the three most active groups: LockBit, Play, and RansomHub. With the right intelligence and analysis, organizations can make risk-based decisions to avoid becoming the next ransomware victim. Read more: https://hubs.la/Q02Z2pyR0

Our latest Happy Hunting episode focuses on APT29, also known as Cozy Bear, Midnight Blizzard, or the Dukes. This Russian state-sponsored group has been active since 2008, specializing in advanced persistence and strategic infiltration of high-value targets. APT29 adapts its methods to maintain access and avoid detection, aligning its operations with Russia’s intelligence objectives. Notable campaigns include the SolarWinds supply chain attack, which compromised thousands of systems, and the Microsoft email compromise, where OAuth applications were exploited to access sensitive inboxes. By studying their evolving tactics, defenders can develop proactive strategies to uncover and counter their operations. ?? Sign up for a free HUNTER471 account to gain access to powerful tools, hunt packages, and resources designed to enhance your threat hunting capabilities: https://lnkd.in/gCYdxx32 ?? Already have an account? Jump straight to the HUNTER471 Hunt Package featured in this session: https://lnkd.in/gTmemTrQ #APT29 #CozyBear #MidnightBlizzard #Dukes #SolarWinds #ThreatHunting #ThreatIntelligence #Cybersecurity

Congratulations to Ashley Jess, Women to Watch Honoree with Intel 471 for her transformative contributions in threat intelligence. Ashley’s initiatives, like the intelligence desks she’s developed, empower organizations with proactive insights into emerging cyber threats. With her dedicated leadership and mentorship, she has cultivated a supportive environment for women at Intel 471 and set a strong example of excellence and inclusivity in cybersecurity. View Ashley’s profile on SC Media: https://bit.ly/3UZInmr #WomeninITSecurity #WomentoWatch #Growth #Influence #CyberSecurity

Basic, but pervasive, an Account Takeover (ATO) is a type of cyberattack whereby an attacker gains unauthorized access to a user's online account, often to steal sensitive information or commit fraud. Threat actors are continuing to conduct this type of attack using compromised credentials, making it a persistent threat to all organizations. This month, Intel 471 has observed multiple threat actors offering ATO services in underground marketplaces, such as a service that socially controls unaware account holders over the phone, a SIM-swapping service, and a service involving a Python-based program that automatically connects to a VPN, brute-forces SMB credentials and sends a report to Telegram. While password hardening and multi-factor authentication (MFA) can potentially mitigate unauthorized access to user accounts, Intel 471’s targeted monitoring and unmatched visibility into the cyber underground helps organizations stay ahead of emerging ATO threats and respond swiftly when ATO attempts are made. ?? Learn more about account takeover protection here: https://lnkd.in/gaKRXZNK ?? Learn more about Intel 471’s marketplace intelligence here: https://lnkd.in/g2pekHp2

?? Battle-Tested and War-Scarred: Lessons from Cybersecurity Marketing Leaders ?? Layoffs, acquisitions, and tough leadership—welcome to the battlefield of cybersecurity marketing! ?? Join: ??Steve Piper, Founder & CEO of CyberEdge Group ??John Vecchi, CMO of Phosphorus Cybersecurity Inc. ??Joy Nemitz, CMO of Intel 471 ??Mary Yang, CMO of Syxsense, An Absolute Security Company As they reveal real war stories from the marketing trenches. ?? ?? What to expect: Campaigns that failed spectacularly ?? Leadership trials that defined careers Missteps to avoid and invaluable lessons ?? This no-holds-barred session invites audience members to share their career-defining moments. Skip the fluff and dive into raw, unfiltered insights. ?? Proudly sponsored by CyberEdge Group ?? ??? Get your tickets: https://hubs.ly/Q02YkX220"

Yesterday morning, Mark Arena was the keynote speaker at the Business News panel during their latest Success and Leadership breakfast, where he shared valuable insights from his career path — from Cybersecurity to becoming the owner and CEO of the Perth Wildcats — with the audience at Crown Perth. ??

Mark your calendars! Intel 471’s Chief Intelligence Officer, Michael DeBolt will be speaking at Baird’s 7th Annual Defense & Government Conference this Thursday, November 21st! Michael is featured alongside an incredible lineup of experts: Josh Lefkowitz, CEO & Co-Founder of Flashpoint, Michael Southworth, CEO of Babel Street, and Jennifer Ewbank, Founder of Andaman Strategic Advisors. We hope you will join us as these innovators explore how to shape the future of intelligence through technology and non-traditional approaches. For more information, or to request an invitation, please contact Baird's Conference Events Team at [email protected]. #Intel471 #CyberSecurity #CTI #ThreatHunting

"This year’s nominees exemplified a breadth of experience, passion, and resilience, inspiring others to make impactful contributions to cybersecurity." – Heidi Murphy, Director of Community Development and Leader of CRA’s Women in Cyber initiative at CyberRisk Alliance. Introducing SC Media's Women in IT Security Honorees! ?? Advocates Ria Aiken – Director, Customer Engagement & Strategic Planning, Federal Reserve Bank Atlanta Bindu Sundaresan – Director of Cybersecurity Solutions, LevelBlue Tia (Yatia) Hopkins – Board Member, Cyversity Deepika Chauhan – Chief Product Officer, DigiCert Prathibha Muraleedhara – Senior Manager of Security Architecture, Stanley Black & Decker, Inc. ?? Cyber Veterans Donna R. - Executive VP, CISO, Radian Tammy Klotz - CISO, Trinseo Mary Yang - VP of Marketing, Syxsense, An Absolute Security Company, an Absolute Company Renee Guttmann, CISO Emeritus and Founder, Cisohive Elisa Costante, VP of Research, Forescout Technologies Inc. ?? Women to Watch Marta Janus - Principal Security Researcher, HiddenLayer Callie Guenther - Senior Manager of Cyber Threat Research, Critical Start Tammi Hayes - President, Capital Strategies Group Ashley Jess - Senior Intelligence Analyst, Intel 471 Selena Larson - Staff Threat Researcher, Proofpoint ?? Power Players Barb Huelskamp - SVP Global Channels and Alliances, Qualys Cassie Crossley - VP, Supply Chain Security and Cybersecurity and Product Security Office, Schneider Electric Alex Kobray - VP, Intelligence, Flashpoint Alison King - VP of Government Affairs, Forescout Technologies Inc. Confidence Staveley - Founder of CyberSafe Foundation Explore each honoree's profile and hear their inspiring stories through our video series and feature content throughout November. https://bit.ly/4fnJYud #CybersecurityLeaders #Diversity #Innovation #WomeninITSecurity