Analysis and perspectives from the leading voice in threat intelligence.
On Dec. 13, FireEye published a detailed analysis about the attack carried out against SolarWinds, which appears to have compromised its Orion IT monitoring and management platform to spread the Sunburst Backdoor malware. As part of the attack, which started in March, the Orion platform started sending out the digitally-signed…
SolarWinds, a provider of IT management and monitoring software deployed by thousands of global customers, was breached between March and June of 2020 by an Advanced Persistent Threat (APT) that cybersecurity company FireEye is tracking as UNC2452. As part of the supply chain attack, the APT compromised the company’s Orion…
Key Findings In early December 2020, Anomali Threat Research identified a website engaging in fraudulent dog sales, specifically for German Shepherds. The analysis revealed 17 additional websites also engaging in pet fraud activities for birds and cats, as well as one phone number match for a Facebook page car fraud scheme, and…
Several years back, industry analyst firm Gartner began circulating the idea that almost every major enterprise and government agency was either compromised or would be compromised at some point in time. This week, when we woke up to the news that FireEye and SolarWinds had joined the ranks of the hacked, we learned once again…
We are happy to announce the Anomali Quarterly Release for December 2020. For our product and engineering teams to deliver this latest set of features and enhancements, they worked closely with our customers with a particular eye to further improving the speed of threat intelligence operations. As organizations mature in their…
When it comes to COVID-19, everyone wants to do their part to help the world win the battle against the virus. At Anomali, we are doing everything in our power to contribute to the cause. Our global workforce is personally committed to stopping the spread of the virus and we’ve shifted to a remote-work model that allows all…
The world may be on pause due to the COVID-19 pandemic, but threat actors haven’t slowed down. Don’t worry, neither has Anomali … Four years ago, we recognized that public and private sector organizations had developed a healthy appetite for solutions and strategies that could help them to improve their threat…
Overview In a recent Anomali webinar, experts AJ Nash, Senior Director of Cyber Intelligence Strategy at Anomali, and Roberto Sanchez, Senior Director, Threat and Sharing Analysis at Anomali, presented the importance of the MITRE ATT&CK framework and showed how to use it to better understand threat actors, campaigns, and…
Overview The Coronavirus 2019 (COVID-19) global pandemic has caused widespread fear of the unknown and deadly aspects of this novel virus, generated growth in certain industries to combat it, and created a shift toward remote work environments to slow the spread of the disease. Defending Your Organization Against COVID-19 Cyber…
The various threat intelligence stories in this iteration of the Weekly Threat Briefing discuss the following topics: APT, BlackTech, BLINDINGCAN, Linux Malware, Palmerworm, Vulnerabilities, and XDSpy. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential…
Get the latest Anomali updates and cybersecurity news straight to your inbox each month.
Subscribe Now