Lynx Ransomware is rapidly expanding, targeting organizations across North America and Europe with data theft and double extortion, backed by a growing network of skilled affiliates.
Dec 16, 2025
Battling check fraud in the U.S.
Eric Huber is Cybercrime Research Leader with TD Bank. In this Studio 471, he discusses why check fraud is such a huge problem in the U.S. and how banks can counter it.
Nov 11, 2025
Cybercrime Takedowns: Trust, Partnerships and Focus
Intel 471’s Public Sector team is regularly called upon to provide cyber investigation support, threat insights and real-life attribution in support of global law enforcement operations.
Nov 20, 2025
Using deception to extract cyber threat intelligence
Tim Pappa is a former FBI supervisory special agent who specializes in deception techniques. In this Studio 471, he discusses what threat intelligence can be gained using deception and how organizations can structure scalable programs.
SmarterTools Breached by Own SmarterMail Vulnerabilities
The SmarterTools breach appears to be part of campaigns targeting SmarterMail vulnerabilities by the Warlock ransomware group and Chinese threat actors.
PWNPress: collect vulnerable WordPress websites over internet
PWNPress is an innovative service that harnesses the power of data and cutting-edge technologies to identify vulnerabilities and misconfigurations in WordPress websites. Our mission is to empower website owners, developers, and security professionals with actionable insights that help fortify their WordPress installations and protect their digital assets.
In today’s digital landscape, where websites are increasingly targeted by cyber threats, safeguarding the security of your WordPress-powered
Unleashing the Power of Data: Indexing Over 15 Million WordPress Websites with PWNPress
We are excited to share a significant milestone achieved by PWNPress in our relentless pursuit of enhancing WordPress security. Leveraging the extensive Common Crawl dataset and pushing the boundaries of data analysis, we successfully indexed over 15 million WordPress websites. This endeavor involved parsing the entire Web Archive Text (WAT) database, a massive 21 TiB repository, to identify WordPress installations worldwide.
Harnessing the Power of Data
At PWNPress, we believe that data is t
AWS WAF Bypass: invalid JSON object and unicode escape sequences
In recent times, the security community has been witnessing an increasing number of reports from researchers highlighting various bypass techniques targeting AWS Web Application Firewall¹. These bypasses have brought to light not only the absence of certain critical features but also the reliance on default configurations commonly used with both custom and managed rules.
While AWS WAF provides robust protection against a wide range of web application threats, it is essential for organizations t
Attackers have quite a few sneaky ways to gather information from your WordPress website. They can get their hands on details like the WordPress version you're using, the active plugins and their versions, and even info about your active users. In this article, we'll take a deep dive into the technical side of things and uncover how these attackers pull it off. We'll also demystify the popular tool, WPScan, and see what's going on under the hood. Armed with this knowledge, you'll be able to stre
OT (Operational Technology) consists of a complex network of ICS (industrial control systems).
ICS describes several types of control systems and associated instrumentation used for industrial process control.
It includes systems like PLC (Programmable Logic Controller), HMI (Human Machine Interface), DCS (Distributed Control System) and SCADA (Supervisory Control and Data Acquisition).
In the ICS world we can include all kinds of devices that are not related to a process control