September 20 - 22, 2017
Anomali Blog
How Threat Hunting Can Help Defend Against Malware Attacks
By Kris Merritt (Vector8) and Justin Swisher (Anomali)Since the outbreak of Petya some days ago many articles have been written dissecting the malware, its purpose, and its attribution. These articles used reverse engineering and malware analysis to conduct post incident analysis. Vector8 and Anomali viewed the Petya outbreak differently,...
Read More
WTB: New “WPSetup” Attack Targets Fresh WordPress Installs
The intelligence in this week’s iteration discuss the following threats: Adobe Patches, Android Malware, Cloud Leaks, Point-of-Sale, Ransomware, Remote Access Trojan, and Windows Protocol Vulnerabilities. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity.
...
Read More
TAXIIing to the Runway
Common challenges in starting a threat intelligence programOnce considered a “nice to have”, threat intelligence is now increasingly seen as an critical part of security programs. In the 2016 Value of Threat Intelligence: Ponemon Study, 78 percent of respondents polled agreed that threat intelligence was essential to a strong...
Read More
WTB: Hard Rock, Loews Hotels Admit Data Breach
The intelligence in this week’s iteration discuss the following threats: Credit Card theft, Distributed Denial-of-Service, Mobile malware, Payment System breach, Point-of-Sale, Ransomware, Remote Access Trojan. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity.
...
Read More
Anomali Forum - Your Cyber War Room
Zero-day exploits such as last week’s Petya can be a nightmare of damage to a company’s information, systems and reputation. One of the more practical solutions for such an attack is for companies to band together and share information that could bolster defences or...
Read More
WTB: More Security Firms Confirm NotPetya Shoddy Code Is Making Recovery Impossible
Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.Trending ThreatsThis section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...
Read More
Anomali Enterprise Cyber Threat Intelligence
How Anomali Enterprise Helped Me Detect Malware In My Home Network
Have you ever wondered who is trying to connect to your home network? Or from your home network to the internet? Few internet users consider either of these questions (and the ones that do usually work in the security industry). Many believe the router their...
Read More
Petya (NotPetya, Petrwrap)
DetailsA malware strain that appears to be based off of the “Petya” ransomware began targeting and infecting governments and businesses worldwide on June 27th, 2017. Since dubbed “NotPetya” by some researchers, and “Nyetya” by others, this malware has spread across Europe and North America...
Read More
Ukraine hit hard as Petya Ransomware Variant Spreads around the world
[updated 6/28/2017 1:29pm ET] We will be updating this page with additional information. Please check back for the latest.While initial reports have only centered on the Ukraine being hit by a new stream of ransomware known as Petya, this is a global attack. Just like WannaCry, this might be leveraging...
Read More
Anomali Weekly Threat Intelligence Briefing - June 27, 2017
Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.Trending ThreatsThis section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...
Read More
Cyber Threat Intelligence SIEM Splunk ThreatStream
Proactively monitor your network against attacks using our FREE Threat Intelligence in Splunk
A few weeks ago I showed how to use the Anomali ThreatStream Splunk App to hunt known actors that had been observed trying to access your environment, and in some cases where they were already inside.For those who are not yet ThreatStream customers, do not fear. Our...
Read More
Anomali Limo - Free Intelligence Feeds
If today’s threat landscape were a road, it would be marred with all kinds of obstacles- potholes of malware, a flat tire of phishing emails, and maybe even a stolen car/computer through a botnet. It’s treacherous to navigate- particularly if you don’t have...
Read More
Anomali Weekly Threat Intelligence Briefing - June 20, 2017
Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.Trending ThreatsThis section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...
Read More
Targeted vs Indiscriminate Attacks
The motivations for a cyber attack are familiar- money, notoriety, political scheming, protests- the list goes on. Whatever the case may be, understanding the incentive behind an attack can be a good indicator of how an attack may have been carried out. One element of investigating these attacks is discerning...
Read More
Anomali Weekly Threat Intelligence Briefing - June 13, 2017
Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.Trending ThreatsThis section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...
Read More
Anomali Begins Education Outreach Initiative
The cybersecurity industry is facing a critical issue, and it’s not the cyber criminals. There is a growing shortage of workers to fill the rising demand for cyber security professionals, with a projected 3.5 million positions left unfilled by 2021.In response to this growing demand, Anomali is beginning an...
Read More
Cyber Threat Intelligence SIEM Splunk Threat Intelligence Platform ThreatStream
Malicious Actors Inside Your Network? Here’s How To Find Them.
As an analyst, context is key.With hundreds, often thousands, of security incidents raised by modern SIEM products it can make the process of triaging the most serious of them incredibly difficult. Adding context to events that form a security incident can help investigations by reducing both time and effort....
Read More
Anomali Weekly Threat Intelligence Briefing - June 6, 2017
Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.Trending ThreatsThis section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...
Read More
Global Elections, Global Problems
The next in a series of pivotal elections is set to take place on June 8th in the United Kingdom, replacing Members of Parliament (MPs) and the Prime Minister. Previous elections in the United States, the Netherlands, and France were marked by an unprecedented number of cyber attacks, releases of...
Read More
The Power of an Exploit
Not all exploits are created equalVulnerabilities and PatchingPatching vulnerabilities is something everyone with a technology footprint deals with on one level or another whether they realize it or not. Consumers patch vulnerabilities all the time even if they don’t realize that’s what they are...
Read More
