BLOG
Category: Cyber Threat Intelligence
Anomali: History in the Making
Let me kick off this post by extending a big “thank you” to everyone who participated in Detect ‘19, our fourth annual threat intelligence industry conference. Hundreds of attendees spanning customers, partners, employees, and special guests joined us in National Harbor, Maryland to participate in this history-making cybersecurity...
Read More
Using Social Media (SOCMINT) in Threat Hunting
(Concepts and workflows developed by Chris Collins, Scott Poley, and Thomas Gorman)Social Media is such a prominent activity in our online lives. It allows its users to communicate and share information. It can also be abused for fraud, cybercrime, and the distribution of misinformation.That being said, I...
Read More
Threat Hunting: Eight Tactics to a Better Cybersecurity Strategy
One of the bigger headaches I think we can all agree on in the Cyber Security business is the overuse of buzzwords, and the overlapping mutations of what they mean, depending on who’s saying them. Threat Hunting has certainly become one of those phrases. So what is threat...
Read More
Black Hat: What’s in a Name
Black Hat starts Sunday. Over the years, the conference has come to be known by many names, ranging from “cybersecurity summer camp” to “hacker boot camp.” Equally interesting is the array of titles for the dozens of Briefings and Arsenal presentations scheduled. There is simply...
Read More
Happy Birthday No More Ransom!
Today, the No More Ransom (NMR) project turns three years old. Anomali joined the No More Ransom partnership on the 25th of March, and since then, organizations and the information security community at large continue to observe devastating ransomware incidents around the world. These incidents typically cause challenging remediation...
Read More
Top Five Cyber Threat Intelligence Training Resources to Check Out
Every day, new types of cyberattacks are causing escalating damage to companies, governments, and individuals. Security professionals are often under pressure to keep up and understand new cyberattacks and tricks. Addressing this need in cybersecurity skills requires foundational training resources that can be referenced regularly. Luckily, there are numerous websites...
Read More
Cyber Threat Intelligence Saves Enterprises Millions
Demand for cyber threat intelligence (CTI) capabilities is growing. More than 85 percent of respondents to the Ponemon Value of Threat Intelligence survey and report we sponsored ranked it as a top security priority. One analyst firm predicts that enterprises will soon be investing 20 percent of their security budgets into it.
...
Read More
Data Breach Costs: Scare Tactic No More
We now know more than we’ve ever known about the true cost of a data breach. In addition to survey-based research, costs are discussed openly in quarterly reporting calls, made available via court documents, reported in the news, and apparent in stock values. The available information has taught...
Read More
Mind the Threat Intelligence Gap With a Strong Cybersecurity Strategy
85% say Threat Intelligence is important for a strong security posture but 41% say they have not made progress in the effectiveness of Threat Intelligence data. This comes from a recent 2019 study carried out by the Ponemon institute with over 1000 IT Security Practitioners in North America and the U.K.The difference...
Read More
Level Up Your SOC - Focus On People, Process, and Technology
IntroductionA Security Operations Center (SOC) is an organized and highly skilled team whose mission is to continuously monitor and improve an organization’s cybersecurity posture while preventing, detecting, analysing and responding to security incidents with the aid of technology and well-defined processes and procedures. The success of your...
Read More
Anomali Joins No More Ransom Partnership Ecosystem
On the 25th of March, Anomali is proud to announce a supporting partnership with No More Ransom (NMR). Anomali innovates intelligence-driven solutions that address cyber security challenges to achieve a more secure world. NMR is a non-commercial public-private initiative launched in July 2016 which created a common portal containing relevant information...
Read More
Threat Actor - A Love Story
The BreachIt’s 5am on a Saturday morning, you’re soundly sleeping after a hectic week as CISO of a large organization. Suddenly, the phone rings and wakes you up. The voice on the phone says one of the most dreaded phrases, “You need to get...
Read More
Cyber Threat Intelligence Threat Intelligence Platform
Partner Spotlight: Silobreaker
One of the key differentiators between good security and great security is the interconnectedness between security solutions. Organizations need numerous specialized tools to aggregate, analyze, monitor, block, share - the list goes on. The more seamless the transfer of information and actions between these tools, the more effectively security teams...
Read More
Cyber Threat Intelligence Malware
Holiday Shopping Increases Threat Actor Activity in 2018—Be Vigilant and Jolly
OverviewAs the weather grows colder and holiday shopping seasons encroaches, so too, increases the opportunities for data and monetary theft for a threat actor. Every year it seems as if companies are moving their “deals” earlier and earlier than the well-known Black Friday and Cyber Monday shopping...
Read More
Cyber Threat Intelligence Malware Research
New Shamoon V3 Malware Targets Oil and Gas Sector in the Middle East and Europe
A new version of destructive wiper malware Shamoon was first identified by security researchers on December 5, 2018. This malware dubbed Shamoon V3, appears to be a new version of the destructive malware, which has historically been associated with advanced persistent threat actors aligned with the interests of the Iranian state. It...
Read More
The Power of Active Collaboration in ISACs, ISAOs and Security Interest Groups
During DefCon 26 held in August 2018, on the subject of “Securing our Nation's Election Infrastructure”, Jeanette Manfra, Assistant Secretary, Office of Cybersecurity and Communications from the Department of Homeland Security (DHS) emphasized the need for public and private sector collaboration and the importance of sharing information. Ms....
Read More
Cyber Threat Intelligence Malware
Pulling Linux Rabbit/Rabbot Malware Out of a Hat
OverviewCyber threat researchers from Anomali Labs have discovered a new malware, called “Linux Rabbit,” that targeted Linux servers and Internet-of-Things (IoT) devices in a campaign that began in August 2018 and continued until October 2018. The campaign targeted devices in Russia, South Korea, the UK, and the US. The...
Read More
What is MITRE ATT&CK™?
MITRE introduced ATT&CK (Adversarial Tactics, Techniques & Common Knowledge) in 2013 as a way to describe and categorize adversarial behaviors based on real-world observations. ATT&CK is a structured list of known attacker behaviors that have been compiled into tactics and techniques and expressed in a handful of...
Read More
Cyber Threat Intelligence Research
Is Magecart Checking Out Your Secure Online Transactions?
With Online Holiday Sales Projected at $123B: How Secure are Your Transactions? There is a projected $123B in online purchases this holiday season, according to commerce site shopify.com. Millions of online transactions will occur between now and December 25th. How secure do you feel entering your credit or...
Read More
Cyber Threat Intelligence Research
Staying Safe Online During Black Friday and Cyber Monday
IntroductionThe countdown to Black Friday and Cyber Monday 2018 is well underway as consumers prepare for the sales frenzy that will kick off on Friday, November 23rd and Monday, November 26th. Black Friday and Cyber Monday have arguably become two of the most important and notable days in the...
Read More
