BLOG

Weekly Threat Briefing

WTB: WPA2 Security Flaw Puts Almost Every Wi-Fi Device at Risk of Hijack, Eavesdropping

The intelligence in this week’s iteration discusses the following threats: Data breach, Malware, Malvertising, Phishing, RAT, Support scam, Threat group, Vulnerabilities, Wi-Fi, and Zero-day. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending...


Cyber Threat Intelligence

NCSAM - Dialing in on Cybersecurity Education

“The security aspect of cyber is very tough. And maybe, it’s hardly doable...We have so many things we need to be doing better...And certainly cyber is one of them.” During the 2016 Presidential debates, Presidential candidate Donald Trump expressed his concern at the state of...


Weekly Threat Briefing

WTB: Every Single Yahoo Account Was Hacked 3 Billion In All

The intelligence in this week’s iteration discusses the following threats: Account compromise, Botnet, Data breach, Data theft, Malspam, Phishing, Ransomware, Targeted attacks, and Vulnerabilities. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending...


Cyber Threat Intelligence

Hacker Tactics - Part 3: Adversarial Machine Learning

Adversaries are constantly changing and improving how they attack us. In this six-part series we’ll explore new or advanced tactics used by threat actors to circumvent even the most cutting-edge defenses. The overwhelming trend right now is to take problems old, new, and of large scale and apply...


Weekly Threat Briefing

WTB: Flawed Apple Mac Firmware Updates May Leave Them Vulnerable to Attack

The intelligence in this week’s iteration discusses the following threats: Data breach, Data theft, Malspam, Phishing, Targeted attacks, and Vulnerabilities. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending Threats: Flawed Apple Mac...


Cyber Threat Intelligence

Detect 2017 Recap

Detect 2017 was a great success, and we'd like to say a huge thank you to all of the speakers and attendees who made this possible. Here are a few highlights that made us say, "Great Scott!". Keynotes from: Kevin Poulsen, Cyber Crime Expert and author of Kingpin; General Michael...


Cyber Threat Intelligence

A Closer Look at the German Election

On September 24th, 2017, federal elections took place in Germany to elect Germany’s next parliament, the 19th Bundestag. The Christian Democratic Union (CDU) won the majority of votes with 33%, making this Angela Merkel’s fourth term in office. Merkel has been a steadfast supporter of the European Union,...


Cyber Threat Intelligence

What the Equifax Breach means for the Social Security Number System

On September 7th, 2017, Equifax Incorporated publicly announced a major data breach of their systems. Equifax reported that data associated with approximately 143 million Americans were exposed, with records including addresses, date of birth (DOB), full name, Social Security Number (SSN), and some driver’s license numbers. Credit card numbers for...


Weekly Threat Briefing

WTB: Oracle Patches Apache Vulnerabilities

The intelligence in this week's iteration discusses the following threats: APT, Banking trojan, Data breach, Malspam, Mobile, Ransomware, Spear phishing, Typosquatting, and Vulnerability. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending Threats: Oracle...


Anomali Enterprise, SIEM, Splunk, Threat Intelligence Platform

Give Splunk (And Your Security Team) A Helping Hand With Threat Intelligence

Performance is often one of the biggest gripes I hear from Splunk users. Even after spending time carefully architecting a distributed search environment, running it on top-of-the-range hardware, and carefully assigning user permissions, Splunk searches can still often run painfully slowly. This scenario is particularly true of security use-cases where...


Anomali Enterprise, Threat Intelligence Platform

Addressing Threat Blindness

In just four years since launching Anomali we’ve seen Threat Intelligence become a standard element of enterprise security programs. Last week we published a Ponemon Institute report on “The Value of Threat Intelligence” (our 2nd year sponsoring this research). In it we found: 80% of enterprises...


Malware Research

How Ransomware has become an ‘Ethical’ Dilemma in the Eastern European Underground

By Vitali Kremez, Flashpoint and Travis Farral, Anomali. It’s no secret that the Deep & Dark Web (DDW) is home to illicit marketplaces and forums, as well as an array of cybercriminal communications. Less obvious, however, are the nuances of these communications, the unspoken code of conduct that...


Weekly Threat Briefing

WTB: CCleanup, A Vast Number of Machines at Risk

The intelligence in this week’s iteration discusses the following threats: Adware, Compromise, Data Breach, Malspam, Malicious Plugin, Phishing, and Vulnerability. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending Threats: CCleanup: A Vast...


Cyber Threat Intelligence, Threat Intelligence Platform

The Second Annual Ponemon Study - The Value of Threat Intelligence

Today we released our findings from the Ponemon Study, “The Value of Threat Intelligence: The Second Annual Study of North American and United Kingdom Companies.” The Ponemon Institute surveyed over a thousand IT security professionals on a range of threat intelligence topics. Results show that organizations are rapidly incorporating...


Malware

Hacker Tactics - Part 2: Supply Chain Attacks

Adversaries are constantly changing and improving how they attack us. In this six-part series we'll explore new or advanced tactics used by threat actors to circumvent even the most cutting-edge defenses. On June 27th, 2017, the NotPetya malware campaign initiated in Ukraine and rapidly spread around the globe. NotPetya devastated...


Weekly Threat Briefing

WTB: Equifax Breach: Sensitive Info, SSNs of 44% of U.S. Consumers Accessed by Attackers

The intelligence in this week’s iteration discusses the following threats: APT, Banking trojan, Data breach, Malspam, Misconfigured database, Phishing, and Vulnerability. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending Threats: Admin Accounts...


Threat Intelligence Platform

Improve Security Through People in Four Simple Steps

Organizations have an incredible variety of security solutions to choose from to protect their networks. A walk down the showroom floor at RSA or BlackHat can be downright overwhelming (both the product explanations and the swag). Whatever solutions your security team deploys, though, it’s important to remember that...


Weekly Threat Briefing

WTB: US Government Site Was Hosting Ransomware

The intelligence in this week’s iteration discusses the following threats: Bitpaymer, Cobian RAT, KHRAT, Locky Ransomware, Malspam, Sarahah, Turla and WireX. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending Threats: US Government...


Anomali Enterprise, Malware

Hacker Tactics - Part 1: Domain Generation Algorithms

Coauthored by Evan Wright and Payton Bush. Adversaries are constantly changing and improving how they attack us. In this six-part series we'll explore new or advanced tactics used by threat actors to circumvent even the most cutting-edge defenses. What are DGAs? DGAs are code that programmatically produces a list...


Malware, Weekly Threat Briefing

WTB: US Arrests Chinese Man Involved With Sakula Malware Used in OPM and Anthem Hacks

The intelligence in this week’s iteration discusses the following threats: APTs, Cybercriminals, Data leaks, Exploit kits, Malspam, Malware, Mobile, Ransomware, Vulnerabilities. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending Threats: US Arrests...

