Blog

Locky Ransomware Shifts to .OSIRIS Extension

Locky ransomware continues to evolve and has again changed the filename extension it uses for encrypted files, this time using the file extension “.osiris” on all files it encrypts. Locky will encrypt image files found on the system, leaving them inaccessible unless the ransom is paid to acquire the...

More On Detection Gaps…

How often have we seen a security news headline detailing a new malware strain or exploit kit campaign? The next question for security teams will usually be, do we detect that? In today’s threat landscape, delivery methods and network traffic patterns that are detected at present will eventually...

Anomali Weekly Threat Intelligence Briefing - December 5, 2016

Trending Threats: This section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing and can be used for indicator matching against your logs. NetWire RAT Steals Payment Card Data (November 28, 2016): During an incident...

Doing Threat Intel the Hard Way - Part 2: Capturing Threat Intelligence

Part #2: Capturing Threat Intelligence. This is the second post of a series on manual management of IOCs for threat intelligence. Part 1: Manual IOC Management. Once you have settled on the sources you wish to collect, a method, or more frequently methods, of collection must be established. If you...

Anomali Weekly Threat Briefing - November 28, 2016

Trending Threats: This section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing and can be used for indicator matching against your logs. Fareit Spam: Rocking Out to a New File Type (November 22, 2016): During...

Anomali Weekly Threat Briefing - November 21, 2016

Trending Threats: This section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing and can be used for indicator matching against your logs. Hacking Team is Back for your Androids (November 14, 2016): Researchers from...

Introducing STAXX: A Free On-Premise STIX/TAXII Solution

In December of 2014, the Financial Services Information Sharing and Analysis Center (FS-ISAC) and Depository Trust and Clearing Corporation (DTCC) announced the general availability of Soltra Edge, a program designed to help facilitate the sharing of threat intelligence in a more organized and automated manner than over email or other...

Doing Threat Intel the Hard Way - Part 1: Manual IOC Management

Part #1: Introduction to Manual IOC Management for Threat Intelligence. This is the first post of a series on manual management of IOCs for threat intelligence. Threat Intelligence is a popular topic in security circles these days. Many organizations are now utilizing a threat feed that comes bundled with some...

Anomali Weekly Threat Briefing - November 14, 2016

Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Threats: This section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...

Hacking an Election Is Not a Walk In The Park

Hardly a day went by without news about possible election tampering or voting machine hacking. Hopefully the result of the increased scrutiny will be a more focused look at the technologies and processes employed as part of the US election system. The following thoughts and viewpoints are based on observations...
