BLOG

Category: Anomali Enterprise

Anomali Enterprise Cyber Threat Intelligence Research

DreamBot Campaign Dreams Big

SummaryBeginning late April, Anomali Labs observed a phishing campaign distributing malicious documents containing macros to download DreamBot, a variant of Ursnif. The downloaded DreamBot payload turned out to be a stealthy keylogger, contrary to previously observed behavior from this malware family. The campaign, which lasted several weeks, continually rotated...
Read More


Anomali Enterprise

Measuring the Effectiveness of Threat Feeds

We do a lot of important and sometimes complicated things as we try to defend organizations from cyber attacks. One thing that often gets left behind, or at least isn’t done as effectively as it could be, is measuring what we do and how well we do it....
Read More


Anomali Enterprise Cyber Threat Intelligence SIEM Splunk Threat Intelligence Platform ThreatStream

Generating Your Own Threat Intelligence Feeds in ThreatStream

Getting threat intelligence into your existing security products - SIEMs, endpoints, network tools -- can significantly enhance their effectiveness and longevity. Here at Anomali we understand the value of product integrations, so much so that my entire job is to manage the 30+ we currently offer.Recently we launched...
Read More


Anomali Enterprise Cyber Threat Intelligence Malware SIEM ThreatStream

What I’ve Learned as a Part-Time Cyber Threat Analyst Using Anomali Enterprise

A few months ago I wrote a post detailing how Anomali Enterprise helped me to identify a malware threat to my home network. Many have since emailed me asking how they can do the same (please keep them coming!).Since writing that post, my router has generated millions of logs...
Read More


Anomali Enterprise SIEM Splunk Threat Intelligence Platform

Give Splunk (And Your Security Team) A Helping Hand With Threat Intelligence

Performance is often one of the biggest gripes I hear from Splunk users. Even after spending time carefully architecting a distributed search environment, running it on top-of-the-range hardware, and carefully assigning user permissions, Splunk searches can still often run painfully slowly.This scenario is particularly true of security use-cases where...
Read More


Anomali Enterprise Threat Intelligence Platform

Addressing Threat Blindness

In just four years since launching Anomali we’ve seen Threat Intelligence become a standard element of enterprise security programs. Last week we published a Ponemon Institute report on “The Value of Threat Intelligence” (our 2nd year sponsoring this research) – in it we found:80%of enterprises...
Read More


Anomali Enterprise Malware

Hacker Tactics - Part 1: Domain Generation Algorithms

Coauthored by Evan Wright and Payton BushAdversaries are constantly changing and improving how they attack us. In this six-part series we'll explore new or advanced tactics used by threat actors to circumvent even the most cutting-edge defenses.What are DGAs?DGAs are code that programmatically produce a list...
Read More


Anomali Enterprise Cyber Threat Intelligence

How Anomali Enterprise Helped Me Detect Malware In My Home Network

Have you ever wondered who is trying to connect to your home network? Or from your home network to the internet? Few internet users consider either of these questions (and the ones that do usually work in the security industry). Many believe the router their...
Read More


Anomali Enterprise Cyber Threat Intelligence SIEM Splunk Threat Intelligence Platform

Anomali Reports: Analyse Splunk Events To See If You’ve Been Breached

Anomali Reports analyses your companies IT activity against millions of Indicators of Comprimise (IOCs) stored in Threatstream. Each week a Threat Analysis report is automatically generated for you to review. Reports are delivered via web and email and they highlight the most critical security incidents, alerting you to potential security...
Read More


Anomali Enterprise ThreatStream

Anomali Opens New Office in Belfast, Ireland

One of the biggest challenges that comes with delivering a popular product is managing the associated growth. Anomali has experienced tremendous growth each year since its founding in 2013. As Anomali continues to grow in Europe, it only makes sense to increase our presence to serve that market.“Anomali has...
Read More


Get the latest threat intelligence news in your email.