
BLOG

Research

A Very Malicious Christmas

In 2017, Americans are projected to spend $906 million on gifts, up from $785 in 2016. A significant chunk of that total will be spent online. As consumers turn to the internet, those looking to exploit them are increasing at a similar rate. Over the last 5 years, the festive season has seen...


Weekly Threat Briefing

WTB: German Spy Agency Warns of Chinese LinkedIn Espionage

The intelligence in this week’s iteration discusses the following threats: APT, Banking trojan, Botnet, Data leak, Malspam, Malvertising, Pre-installed keylogger, Ransomware, Targeted attacks, Vulnerabilities. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending...


Cyber Threat Intelligence

What is Threat Intelligence?

Written by Steve Miller and Payton Bush. Threat intelligence is a subset of intelligence focused on information security. Gartner (sorry, people) defines threat intelligence as “evidence-based knowledge...about an existing or emerging menace or hazard...to inform decisions regarding the subject’s response to that menace or hazard....


Weekly Threat Briefing

WTB: Phishers Target Panicking PayPal Users with Fake “Failed Transaction” Emails

The intelligence in this week’s iteration discusses the following threats: Backdoor, Data breach, Data theft, Malspam, Misconfigured bucket, Phishing, RAT, Spyware, Trackers, and Vulnerabilities. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending...


Cyber Threat Intelligence Threat Intelligence Platform

Using ThreatStream Indicators of Compromise with AWS GuardDuty

It has been a busy week for AWS at their re:Invent 2017 conference in Las Vegas. One of the new product launches that caught my eye yesterday was GuardDuty, a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help protect AWS accounts and...


Cyber Threat Intelligence Research

FTSE 100 Report: Targeted Brand Attacks and Mass Credential Exposures

The Anomali Labs team conducted research to identify suspicious domain registrations and potentially compromised credentials that could be used as part of an attack against the Financial Times Stock Exchange 100 (FTSE 100). Both methods of attack pose a significant threat not only to corporate brands but also to the corporations themselves....


Weekly Threat Briefing

WTB: Imgur hackers stole 1.7 million email addresses and passwords

The section below contains summaries of various threat intelligence stories that occurred during the past week. The intelligence in this week’s iteration discusses the following threats: Account Checking, Android Malware, BankBot Trojan, Imgur Database Breach, IRAFAU, Lazarus Group, Microsoft Office Vulnerabilities, Mirai Botnet, Necurs Botnet, Scarab Ransomware,...


Cyber Threat Intelligence

10 Reasons to be Thankful for a Security Analyst

The global number of internet users hit 3.8 billion in 2017, and is expected to reach 6 billion by 2022. We’re rapidly approaching the point where people without access to the internet will be in the minority, and where the internet is not only accessible but also ingrained into daily life. Succinctly...


Weekly Threat Briefing

WTB: Cobalt Strikes Again: Spam Runs macros and CVE-2017-8759 Exploit Against Russian Banks

The section below contains summaries of various threat intelligence stories that occurred during the past week. The intelligence in this week’s iteration discusses the following threats: APT, Brute force attacks, Holiday scams, Malspam, Phishing, Preinstalled features, Ransomware, Targeted attacks, Threat group, and Vulnerabilities. The IOCs related to...


Cyber Threat Intelligence Threat Intelligence Platform

Anomali Provides Threat-Sharing Expertise Before Congress

Cyber Threat Intelligence provider Anomali appeared before Congress on Wednesday, November 15th to provide threat-sharing expertise before the U.S. House of Representatives Homeland Security Committee. The purpose of this hearing was to discuss methods for improving the value of cyber threat information shared by the government and increasing participation...


Weekly Threat Briefing

WTB: New Banking Trojan IcedID Discovered

The intelligence in this week’s iteration discusses the following threats: Business Email Compromise, Financial theft, Malspam, Phishing, Ransomware, Threat group, Trojan, and Vulnerabilities. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending Threats ...


Cyber Threat Intelligence STAXX

Restful Mash-Ups to Help Under-Staffed Infosec Teams

“This article was originally featured on Wire Data on April 2nd, 2017.” In this post, we will couple ExtraHop’s wire data analytics, Anomali STAXX, a leading threat intelligence solution, and Slack, a cloud-based collaboration platform, to demonstrate how we can use orchestration and...


Weekly Threat Briefing

WTB: Over A Million Android Users Fooled by Fake WhatsApp App in Official Google Play Store

The intelligence in this week’s iteration discusses the following threats: Botnet, Data leak, Email account compromise, Malicious application, Malspam, Phishing, Ransomware, RAT, Spear phishing, Trojan, Targeted attacks, and Vulnerabilities. The IOCs related to these stories are attached to the WTB and can be used to check your logs...


Research

Russian Federation Cybersecurity Report

Whether the perpetrators or the victims, the Russian Federation is often linked to cyber activities in the news. The Russian Federation was recently hit with a ransomware attack called Bad Rabbit, which security professionals theorize was a retaliation for ransomware known as Petya. Evidence was also recently released indicating that...


Weekly Threat Briefing

WTB: LokiBot Android Banking Trojan Turns Into Ransomware When You Try to Remove It

The section below contains summaries of various threat intelligence stories that occurred during the past week. The intelligence in this week's iteration discusses the following threats: Botnet, Exploit kit, Malicious Applications, Malspam, Phishing, Ransomware, and Vulnerabilities. The IOCs related to these stories are attached to the WTB and...


Anomali Enterprise Cyber Threat Intelligence Malware SIEM ThreatStream

What I’ve Learned as a Part-Time Cyber Threat Analyst Using Anomali Enterprise

A few months ago I wrote a post detailing how Anomali Enterprise helped me to identify a malware threat to my home network. Many have since emailed me asking how they can do the same (please keep them coming!). Since writing that post, my router has generated millions of logs...


Cyber Threat Intelligence Research

Bad Rabbit Ransomware Outbreak in Russia and Ukraine

Overview: On October 24, 2017, security firms and media organizations began reporting about an active ransomware campaign that, as of this writing, has primarily targeted entities in Russia and Eastern Europe. The infections are believed to have initiated on October 24 at approximately 12:16 UTC, evidenced by an infected company’s tweet...


Weekly Threat Briefing

WTB: Advanced Persistent Threat Activity Targeting Energy and Critical Infrastructure Sectors

The intelligence in this week’s iteration discusses the following threats: APT, Malspam, Malvertising, Malware, Phishing, Targeted attacks, Ransomware, and Underground markets. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending Threats: OSX/Proton...


Cyber Threat Intelligence

The Catch-22 of Security Software

Malicious actors are constantly developing new and improved methods to attack companies. Innovations in security software help organizations to defend against the dynamic world of information security threats, but this protection comes with inherent drawbacks. One of these drawbacks is that security solutions can require significant access to systems and...


Weekly Threat Briefing

WTB: WPA2 Security Flaw Puts Almost Every Wi-Fi Device at Risk of Hijack, Eavesdropping

The intelligence in this week’s iteration discusses the following threats: Data breach, Malware, Malvertising, Phishing, RAT, Support scam, Threat group, Vulnerabilities, Wi-Fi, and Zero-day. The IOCs related to these stories are attached to the WTB and can be used to check your logs for potential malicious activity. Trending...

