
Anomali Blog

Cyber Threat Intelligence, Threat Intelligence Platform

Introducing Anomali ThreatStream Integrator 6.3.5

Anomali ThreatStream Integrator is software with a small footprint that allows you to integrate the powerful threat intelligence of Anomali ThreatStream with your existing security tools. Today I'm excited to announce the latest version of Integrator. In addition to the SIEMs, endpoints and numerous other security solutions ...


Anomali Raises $40 Million in Series D Funding

Today I’m pleased to share the news of our latest fundraising efforts, and the addition of Lumia Capital, Deutsche Telekom Capital Partners, Telstra Ventures and Sozo Ventures to the Anomali family. With this funding, we’ll continue to invest in developing innovative threat management and collaboration solutions...


Weekly Threat Briefing

WTB: New Mirai Variant Targets Billions of ARC-Based Endpoints

The intelligence in this week’s iteration discusses the following threats: APT, Disk-wiper, DNS hijacking, Malicious extensions, Malicious application, Malvertising, Targeted attacks, and Vulnerabilities. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending Threats ...


Malware Research

The Rise of Malware Using Legitimate Services for Communications

Malware often includes the ability to communicate with attacker-controlled systems on the Internet from within compromised networks. This gives the attacker several important capabilities. Some examples of this communication include: Receive “heartbeats” to maintain an inventory of compromised systems; Send remote control commands and receive the results...


Weekly Threat Briefing

WTB: Malicious Document Targets Pyeonchang Olympics

The intelligence in this week’s iteration discusses the following threats: Banking trojan, Botnet, Credit card theft, Data breach, Hardcoded backdoor, Malicious applications, Phishing, and Vulnerabilities. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. ...


Cyber Threat Intelligence

What is Strategic Threat Intelligence?

This is the second blog in a series called “What is Threat Intelligence?” The first blog in the series can be found here. Stay tuned for future installments in this series. Maintaining a strong security posture requires developing and answering many questions specific to the organization....


Weekly Threat Briefing

WTB: macOS Exploit Published on the Last Day of 2017

The intelligence in this week’s iteration discusses the following threats: Data leak, Information stealing malware, Malspam, Misconfigured Database, Phishing, RAT, Vulnerabilities, and Zero-day. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending Threats ...


Cyber Threat Intelligence, Malware Research

12 Days of Threats

On the first day of Christmas a hacker stole from me, Thousands in my favorite cryptocurrency… On the second day of Christmas a hacker stole from me, Two plain-text passwords and thousands in my favorite cryptocurrency... We’re sure by now you’ve heard too much Christmas...


Weekly Threat Briefing

WTB: New GnatSpy Mobile Malware Family Discovered

The section below contains summaries of various threat intelligence stories that occurred during the past week. The intelligence in this week’s iteration discusses the following threats: ATM-theft, Data leak, Malspam, Mobile malware, Phishing, Targeted attacks, Threat group, underground markets, and Vulnerabilities. The IOCs related to these stories...


Research

A Very Malicious Christmas

In 2017, Americans are projected to spend $906 million on gifts, up from $785 in 2016. A significant chunk of that total will be spent online. As consumers turn to the internet, those looking to exploit them are increasing at a similar rate. Over the last 5 years, the festive season has seen...


Weekly Threat Briefing

WTB: German Spy Agency Warns of Chinese LinkedIn Espionage

The intelligence in this week’s iteration discusses the following threats: APT, Banking trojan, Botnet, Data leak, Malspam, Malvertising, Pre-installed keylogger, Ransomware, Targeted attacks, Vulnerabilities. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending...


Cyber Threat Intelligence

What is Threat Intelligence?

Written by Steve Miller and Payton Bush. Threat intelligence is a subset of intelligence focused on information security. Gartner (sorry, people) defines threat intelligence as “evidence-based knowledge...about an existing or emerging menace or hazard...to inform decisions regarding the subject’s response to that menace or hazard....


Weekly Threat Briefing

WTB: Phishers Target Panicking PayPal Users with Fake “Failed Transaction” Emails

The intelligence in this week’s iteration discusses the following threats: Backdoor, Data breach, Data theft, Malspam, Misconfigured bucket, Phishing, RAT, Spyware, Trackers, and Vulnerabilities. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending...


Cyber Threat Intelligence, Threat Intelligence Platform

Using ThreatStream Indicators of Compromise with AWS GuardDuty

It has been a busy week for AWS at their re:Invent 2017 conference in Las Vegas. One of the new product launches that caught my eye yesterday was GuardDuty, a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help protect AWS accounts and...


Cyber Threat Intelligence, Research

FTSE 100 Report: Targeted Brand Attacks and Mass Credential Exposures

The Anomali Labs team conducted research to identify suspicious domain registrations and potentially compromised credentials that could be used as part of an attack against the Financial Times Stock Exchange 100 (FTSE 100). Both methods of attack pose a significant threat not only to corporate brands but also to the corporations themselves....


Weekly Threat Briefing

WTB: Imgur hackers stole 1.7 million email addresses and passwords

The section below contains summaries of various threat intelligence stories that occurred during the past week. The intelligence in this week’s iteration discusses the following threats: Account Checking, Android Malware, BankBot Trojan, Imgur Database Breach, IRAFAU, Lazarus Group, Microsoft Office Vulnerabilities, Mirai Botnet, Necurs Botnet, Scarab Ransomware,...


Cyber Threat Intelligence

10 Reasons to be Thankful for a Security Analyst

The global number of internet users hit 3.8 billion in 2017, and is expected to reach 6 billion by 2022. We’re rapidly approaching the point where people without access to the internet will be in the minority, and where the internet is not only accessible but also ingrained into daily life. Succinctly...


Weekly Threat Briefing

WTB: Cobalt Strikes Again: Spam Runs macros and CVE-2017-8759 Exploit Against Russian Banks

The section below contains summaries of various threat intelligence stories that occurred during the past week. The intelligence in this week’s iteration discusses the following threats: APT, Brute force attacks, Holiday scams, Malspam, Phishing, Preinstalled features, Ransomware, Targeted attacks, Threat group, and Vulnerabilities. The IOCs related to...


Cyber Threat Intelligence, Threat Intelligence Platform

Anomali Provides Threat-Sharing Expertise Before Congress

Cyber Threat Intelligence provider Anomali appeared before Congress on Wednesday, November 15th to provide threat-sharing expertise before the U.S. House of Representatives Homeland Security Committee. The purpose of this hearing was to discuss methods for improving the value of cyber threat information shared by the government and increasing participation...


Weekly Threat Briefing

WTB: New Banking Trojan IcedID Discovered

The intelligence in this week’s iteration discusses the following threats: Business Email Compromise, Financial theft, Malspam, Phishing, Ransomware, Threat group, Trojan, and Vulnerabilities. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending Threats ...

