The Anomali Blog

The Anomali Blog

Analysis and perspectives from the leading voice in threat intelligence.

AJ Nash
AJ Nash May 10, 2021

Rise of the Chief Intelligence Officer (CINO)

Anomali Sr. Director of Cyber Intelligence Strategy A.J. Nash recently penned a column for United States Cybersecurity Magazine about how changing security challenges call for new skillsets and leadership professionals, who can help to develop ad run new programs that keep pace with modern adversaries. In “Rise of the Chief…

Anomali Threat Research
Anomali Threat Research May 4, 2021

Anomali Cyber Watch: Microsoft Office SharePoint Servers Targeted with Ransomware, New Commodity Crypto-Stealer and RAT, Linux Backdoor Targeting Users for Years, and More

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Data Theft, Backdoor, Ransomware, Targeted Ransomware Attacks and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious…

Anomali Threat Research
Anomali Threat Research April 27, 2021

Anomali Cyber Watch:  HabitsRAT Targeting Linux and Windows Servers, Lazarus Group Targetting South Korean Orgs, Multiple Zero-Days and More

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, Android Malware, RATs, Phishing, QLocker Ransomware and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.…

Anomali Threat Research
Anomali Threat Research April 20, 2021

Anomali Cyber Watch: Criminals Target Would Be Hackers for Cryptocurrency Theft, A Zero Day Vulnerability in Windows Desktop Manager is in the Wild, US Blames Russia for SolarWinds, and More

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Android Malware, Dependency Confusion, Ransomware, Russia, SaintBot and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious…

Anomali Threat Research
Anomali Threat Research April 19, 2021

Primitive Bear (Gamaredon) Targets Ukraine with Timely Themes

Russia-Sponsored Group Employs Apparently Legitimate Documents Aligned to Growing Hostilities Between Russia and Ukraine Authored by: Gage Mele, Yury Polozov, and Tara Gould Key Findings Anomali Threat Research discovered a campaign targeting Ukrainian government officials with malicious files that could be repurposed to target…

Anomali Threat Research
Anomali Threat Research March 31, 2021

Bahamut Possibly Responsible for Multi-Stage Infection Chain Campaign

Authored by: Gage Mele, Tara Gould, Winston Marydasan, and Yury Polozov Key Findings Anomali Threat Research discovered cyberthreat actors distributing malicious documents exploiting a vulnerability (CVE-2017-8570) during a multi-stage infection chain to install a Visual Basic (VB) executable on target machines. This exploitation…

Anomali Threat Research
Anomali Threat Research March 30, 2021

Anomali Cyber Watch:  Malware, Phishing, Ransomware and More.

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: BlackKingdom, Chrome Extensions, Microsoft, REvil, PurpleFox, Phishing, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential…

Anomali Threat Research
Anomali Threat Research March 23, 2021

Anomali Cyber Watch:  APT, Malware, Vulnerabilities and More.

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: BlackRock, CopperStealer, Go, Lazarus, Mirai, Mustang Panda, Rust, Tax Season, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for…

Subscribe to the Anomali Newsletter

Get the latest Anomali updates and cybersecurity news straight to your inbox each month.

Subscribe Now