Blog

Category: Cyber Threat Intelligence

Anomali Weekly Threat Intelligence Briefing - March 14, 2017

Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.Trending ThreatsThis section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...

Read More

Anomali Weekly Threat Intelligence Briefing - March 7, 2017

Figure 1: IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.Trending ThreatsThis section provide summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing...

Read More

Why A Computer Beating Poker Pros Is Great News for Cybersecurity

Use of Machine Learning (ML) is a hot topic in cybersecurity, one which will undoubtedly shape the industry for years to come. To see evidence of this we’d have to look no further than the booths at this most recent RSA Security Conference, where ML was promised as...

Read More

Splunking The Modern Honey Network: Community Data (Part 4)

Over the last 3 weeks, I’ve looked at: ingesting Modern Honey Network data into Splunk, adding context to MHN data using threat feeds, and creating alerts using MHN data.In this post I am going to give you a brief insight into the data that was reported back from...

Read More

MHN Radar: Databases Under Siege

Anomali’s Modern Honeypot Network (MHN for short) is a worldwide network of honeypot sensors that collects data on scans, probes and intrusions of various network ports and services. By looking at data collected by MHN we can piece together a picture of the current threat landscape for a...

Read More

Splunking The Modern Honey Network: Honeypot Alert Automation (Part 3)

In my last post, I looked at enriching Modern Honey Network events against a threat feed, specifically Anomali Threatstream IOCs.The idea of enriching events helps filter out false positives — events that pose no real risk to a network. False positives can obviously — and do — waste many...

Read More

Splunking The Modern Honey Network: Adding Context Using Threat Feeds (Part 2)

Last week, I showed how to ingest Modern Honey Network data into Splunk and visualise it with the MHN Splunk App.Hopefully you’ve been getting lots of additional value on-top of the Modern Honey Network web app. I’m sure you’re now ready to...

Read More

Splunking The Modern Honey Network: Getting Value From Your Honeypots Data (Part 1)

Whilst The Modern Honey Network Server alone is powerful, exporting the data for further manipulation and analysis can be very useful. It is common to see security teams feeding MHN attack data directly into their SIEM for correlation against events generated from other security tools, like...

Read More

2017 Cyber Security Predictions

2016 has now come to an end and a new set of security predictions are being revealed. The past year has been a whirlwind tour of challenges and changes in the cybersecurity landscape. Targeted threat activity took on a new emphasis by focusing on both disinformation and weaponized, confidential information. Ransomware...

Read More

Anomali Weekly Threat Intelligence Briefing - December 29, 2016

Trending Threats This section provide summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing and can be used for indicator matching against your logs. Figure 1: IOC Summary Charts. These charts summarize the IOCs attached...

Read More
Register for a Free Anomali Account Register now