Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Intel 471

Our mission... is to protect your organization, your products, your assets and your people from cyber criminals.

Our Website:

Latest Content From Intel 471

Whitepaper: Preventing Cyber Attacks in the Public Sector

by Intel 471Nov 02, 2021

The public sector has been relatively untouched by financially motivated cybercriminals, with organizations within the sector primarily being the target of Advanced Persistent Threat (APT) groups conducting nation-state cyber activities. But times have changed, the ever increasing blurred line between nation-state and financially motivated cybercriminals. Global government organizations have become more vulnerable to a wide variety of cyberattacks.

Whitepaper: Cobalt Strike: A Toolkit for Pentesters

by Intel 471Nov 02, 2021

Cobalt Strike is a suite of tools used by red teams in penetration testing tasks. This whitepaper examines the feature and functionality described on the official website of the suite is Cobalt Strike. Features included and described at the website are: Reconnaissance, Attack Packages, Spear-phishing, Post Exploitation, Covert Communication, Browser Pivoting, Reporting and Logging.

Webcast: Using Cyber Underground & Blockchain Intel to Stop Cyber Attacks

by Intel 471Jul 28, 2021

Pair Intel 471’s incredibly powerful intelligence about the thriving cyber underground economy with visualized blockchain forensics to predict and prevent cybercrime. Chainalysis enables investigators to identify and monitor threat actors' cryptocurrency wallets for notification of TTP changes and attack preparation at the point of sale.  Following the money can also lead to attribution of these criminal networks and expand insight into the underlying supply chain that can sometimes be missed by traditional security tools.  

Research Report: Intel 471 Breach Report

by Intel 471Jun 23, 2021

In May 2021, we observed and reported about 301 potential breach events from threat actors offering to sell unauthorized access to data, compromised networks or systems. There was minimal change in reported statistics from April 2021 to May 2021.

  • Details
  • Research Report

Research Report: Increased Cooperation Between Access Brokers, Ransomware Operators Reviewed

by Intel 471Jun 23, 2021

Cybercriminals consistently have shown the ability to adapt to changes in the underground threat landscape and evolving company security protocols with resiliency to increase the success rate of their nefarious activity and maximize profits. A growing trend in adaptive techniques we recently observed was the increase in cooperation between vendors of compromised access, access brokers, ransomware-as-a-service (RaaS) and affiliated ransomware operators unassociated with a group.

This report provides an overview of the role compromised access plays in the modern threat landscape and highlights the perceived increase in cooperation between the two underground services.

  • Details
  • Research Report

Whitepaper: Financial institution threats observed through ATM attacks

by Intel 471Jun 23, 2021

Financially motivated cybercrime observed on underground forums and marketplaces runs on a central understanding that all participants are in the business to make money. The means to achieve this goal vary with the different levels of sophistication or technical understanding required to conduct a specific type of attack. However, we continue to observe threat actors attempt different tactics, techniques and procedures (TTPs) against financial institutions and their information technology (IT) infrastructure to steal customer account information.

Research Report: CVE Weaponization Report

by Intel 471Jun 23, 2021

The Common Vulnerabilities and Exposures (CVE) Weaponization Report is a quick reference tool designed to assist patch prioritization and vulnerability management decision-making. This regularly updated report tracks the life cycle of significant vulnerabilities observed in the underground from initial disclosure to exploit weaponization and productization.