Anomali Detect

September 20 - 22, 2017

Anomali Blog

Weekly Threat Briefing

WTB: New “WPSetup” Attack Targets Fresh WordPress Installs

The intelligence in this week’s iteration discusses the following threats: Adobe Patches, Android Malware, Cloud Leaks, Point-of-Sale, Ransomware, Remote Access Trojan, and Windows Protocol Vulnerabilities. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. ...


Cyber Threat Intelligence

TAXIIing to the Runway

Common challenges in starting a threat intelligence program: Once considered a “nice to have”, threat intelligence is now increasingly seen as a critical part of security programs. In the 2016 Value of Threat Intelligence: Ponemon Study, 78 percent of respondents polled agreed that threat intelligence was essential to a strong...


Weekly Threat Briefing

WTB: Hard Rock, Loews Hotels Admit Data Breach

The intelligence in this week’s iteration discusses the following threats: Credit Card theft, Distributed Denial-of-Service, Mobile malware, Payment System breach, Point-of-Sale, Ransomware, Remote Access Trojan. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. ...


Cyber Threat Intelligence

Anomali Forum - Your Cyber War Room

Zero-day exploits such as last week’s Petya can be a nightmare of damage to a company’s information, systems and reputation. One of the more practical solutions for such an attack is for companies to band together and share information that could bolster defences or...


Weekly Threat Briefing

WTB: More Security Firms Confirm NotPetya Shoddy Code Is Making Recovery Impossible

Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Threats: This section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...


Anomali Enterprise Cyber Threat Intelligence

How Anomali Enterprise Helped Me Detect Malware In My Home Network

Have you ever wondered who is trying to connect to your home network? Or from your home network to the internet? Few internet users consider either of these questions (and the ones that do usually work in the security industry). Many believe the router their...


Malware Research

Petya (NotPetya, Petrwrap)

Details: A malware strain that appears to be based off of the “Petya” ransomware began targeting and infecting governments and businesses worldwide on June 27th, 2017. Since dubbed “NotPetya” by some researchers, and “Nyetya” by others, this malware has spread across Europe and North America...


Malware Research

Ukraine hit hard as Petya Ransomware Variant Spreads around the world

[updated 6/28/2017 1:29pm ET] We will be updating this page with additional information. Please check back for the latest. While initial reports have only centered on the Ukraine being hit by a new stream of ransomware known as Petya, this is a global attack. Just like WannaCry, this might be leveraging...


Weekly Threat Briefing

Anomali Weekly Threat Intelligence Briefing - June 27, 2017

Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Threats: This section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...


Cyber Threat Intelligence SIEM Splunk ThreatStream

Proactively monitor your network against attacks using our FREE Threat Intelligence in Splunk

A few weeks ago I showed how to use the Anomali ThreatStream Splunk App to hunt known actors that had been observed trying to access your environment, and in some cases where they were already inside. For those who are not yet ThreatStream customers, do not fear. Our...


STAXX

Anomali Limo - Free Intelligence Feeds

If today’s threat landscape were a road, it would be marred with all kinds of obstacles - potholes of malware, a flat tire of phishing emails, and maybe even a stolen car/computer through a botnet. It’s treacherous to navigate - particularly if you don’t have...


Weekly Threat Briefing

Anomali Weekly Threat Intelligence Briefing - June 20, 2017

Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Threats: This section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...


Cyber Threat Intelligence

Targeted vs Indiscriminate Attacks

The motivations for a cyber attack are familiar - money, notoriety, political scheming, protests - the list goes on. Whatever the case may be, understanding the incentive behind an attack can be a good indicator of how an attack may have been carried out. One element of investigating these attacks is discerning...


Weekly Threat Briefing

Anomali Weekly Threat Intelligence Briefing - June 13, 2017

Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Threats: This section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...


Research

Anomali Begins Education Outreach Initiative

The cybersecurity industry is facing a critical issue, and it’s not the cyber criminals. There is a growing shortage of workers to fill the rising demand for cyber security professionals, with a projected 3.5 million positions left unfilled by 2021. In response to this growing demand, Anomali is beginning an...


Cyber Threat Intelligence SIEM Splunk Threat Intelligence Platform ThreatStream

Malicious Actors Inside Your Network? Here’s How To Find Them.

As an analyst, context is key. With hundreds, often thousands, of security incidents raised by modern SIEM products it can make the process of triaging the most serious of them incredibly difficult. Adding context to events that form a security incident can help investigations by reducing both time and effort....


Weekly Threat Briefing

Anomali Weekly Threat Intelligence Briefing - June 6, 2017

Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Threats: This section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...


Research

Global Elections, Global Problems

The next in a series of pivotal elections is set to take place on June 8th in the United Kingdom, replacing Members of Parliament (MPs) and the Prime Minister. Previous elections in the United States, the Netherlands, and France were marked by an unprecedented number of cyber attacks, releases of...


Research

The Power of an Exploit

Not all exploits are created equal. Vulnerabilities and Patching: Patching vulnerabilities is something everyone with a technology footprint deals with on one level or another whether they realize it or not. Consumers patch vulnerabilities all the time even if they don’t realize that’s what they are...


Weekly Threat Briefing

Anomali Weekly Threat Intelligence Briefing - May 30, 2017

Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Threats: This section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...

