Anomali Blog
Cyber Threat Intelligence SIEM Splunk ThreatStream
Proactively monitor your network against attacks using our FREE Threat Intelligence in Splunk
A few weeks ago I showed how to use the Anomali ThreatStream Splunk App to hunt known actors that had been observed trying to access your environment, and in some cases where they were already inside.For those who are not yet ThreatStream customers, do not fear. Our...
Read More
Anomali Limo - Free Intelligence Feeds
If today’s threat landscape were a road, it would be marred with all kinds of obstacles- potholes of malware, a flat tire of phishing emails, and maybe even a stolen car/computer through a botnet. It’s treacherous to navigate- particularly if you don’t have...
Read More
Anomali Weekly Threat Intelligence Briefing - June 20, 2017
Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.Trending ThreatsThis section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...
Read More
Targeted vs Indiscriminate Attacks
The motivations for a cyber attack are familiar- money, notoriety, political scheming, protests- the list goes on. Whatever the case may be, understanding the incentive behind an attack can be a good indicator of how an attack may have been carried out. One element of investigating these attacks is discerning...
Read More
Anomali Weekly Threat Intelligence Briefing - June 13, 2017
Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.Trending ThreatsThis section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...
Read More
Anomali Begins Education Outreach Initiative
The cybersecurity industry is facing a critical issue, and it’s not the cyber criminals. There is a growing shortage of workers to fill the rising demand for cyber security professionals, with a projected 3.5 million positions left unfilled by 2021.In response to this growing demand, Anomali is beginning an...
Read More
Cyber Threat Intelligence SIEM Splunk Threat Intelligence Platform ThreatStream
Malicious Actors Inside Your Network? Here’s How To Find Them.
As an analyst, context is key.With hundreds, often thousands, of security incidents raised by modern SIEM products it can make the process of triaging the most serious of them incredibly difficult. Adding context to events that form a security incident can help investigations by reducing both time and effort....
Read More
Anomali Weekly Threat Intelligence Briefing - June 6, 2017
Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.Trending ThreatsThis section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...
Read More
Global Elections, Global Problems
The next in a series of pivotal elections is set to take place on June 8th in the United Kingdom, replacing Members of Parliament (MPs) and the Prime Minister. Previous elections in the United States, the Netherlands, and France were marked by an unprecedented number of cyber attacks, releases of...
Read More
The Power of an Exploit
Not all exploits are created equalVulnerabilities and PatchingPatching vulnerabilities is something everyone with a technology footprint deals with on one level or another whether they realize it or not. Consumers patch vulnerabilities all the time even if they don’t realize that’s what they are...
Read More
Anomali Weekly Threat Intelligence Briefing - May 30, 2017
Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.Trending ThreatsThis section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...
Read More
Anomali Enterprise Cyber Threat Intelligence SIEM Splunk Threat Intelligence Platform
Anomali Reports: Analyse Splunk Events To See If You’ve Been Breached
Anomali Reports analyses your companies IT activity against millions of Indicators of Comprimise (IOCs) stored in Threatstream. Each week a Threat Analysis report is automatically generated for you to review. Reports are delivered via web and email and they highlight the most critical security incidents, alerting you to potential security...
Read More
Ransomware- A Tech or Human Problem?
If you hadn’t heard of ransomware before WanaCry, you’ve heard of it now. Ransomware is a specially designed piece of malware that blocks a user's access to their files or even to the system itself. It is able to bypass many security controls because its...
Read More
Anomali Weekly Threat Intelligence Briefing - May 23, 2017
Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.Trending ThreatsThis section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...
Read More
STAXX 2.3 is Here - Features New Anomali Limo Service
We're pleased to announce a major update to STAXX with version 2.3, which includes our brand new Anomali Limo service - a collection of free threat intelligence feeds. We're also pleased to announce Anomali Forum - a discussion board focused on cybersecurity and threat intelligence.Anomali LimoSince we...
Read More
Anomali Enterprise ThreatStream
Anomali Opens New Office in Belfast, Ireland
One of the biggest challenges that comes with delivering a popular product is managing the associated growth. Anomali has experienced tremendous growth each year since its founding in 2013. As Anomali continues to grow in Europe, it only makes sense to increase our presence to serve that market.“Anomali has...
Read More
WanaCry: Frequently Asked Questions
There are many questions surrounding the WanaCry ransomware attack that started on May 12, 2017. In order to provide some quick answers to common questions and dispel some misconceptions, we are providing this list of frequently asked questions. We will keep this updated as new details emerge. For a more in-depth look...
Read More
Anomali Weekly Threat Intelligence Briefing - May 16, 2017
Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.Trending ThreatsThis section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...
Read More
WanaCry Observations: Big Worm = Big Problems
NOTE: Anomali is continuing to investigate and monitor the WanaCry worm and will update this page as we have more information to share. Visit www.anomali.com/wanacry for the latest.On the morning of Friday May 12th a new ransomware threat emerged infecting tens of thousands of computers across...
Read More
Maximizing the Potential of Open Source Threat Intelligence Feeds
Open source feeds are a popular and abundant source of threat intelligence indicators. These feeds originate from a variety of sources- companies, special projects, honeypots, individual contributors, and more. There are hundreds to choose from, providing a vast reserve of millions of indicators of compromise (IOCs) that can be ingested...
Read More
