The Anomali Blog: Malware posts

The Anomali Blog

Analysis and perspectives from the leading voice in threat intelligence.

Category: Malware

Anomali Threat Research
Anomali Threat Research December 29, 2020

Anomali ThreatStream Sunburst Backdoor Custom Dashboard Provides Machine Readable IOCs Related To SolarWinds Supply Chain Attack

SolarWinds, a provider of IT management and monitoring software deployed by thousands of global customers, was breached between March and June of 2020 by an Advanced Persistent Threat (APT) that cybersecurity company FireEye is tracking as UNC2452. As part of the supply chain attack, the APT compromised the company’s Orion…

Anomali Threat Research
Anomali Threat Research December 17, 2020

FireEye, SolarWinds Hacks Show that Detection is Key to Solid Defense

Several years back, industry analyst firm Gartner began circulating the idea that almost every major enterprise and government agency was either compromised or would be compromised at some point in time. This week, when we woke up to the news that FireEye and SolarWinds had joined the ranks of the hacked, we learned once again…

Anomali Threat Research
Anomali Threat Research January 10, 2019

2019 Attack Predictions for the Payment Sector

Anomali Labs published this week a report, “Cyber Crime in the Payments Industry,” that examines threat trends affecting this sector. The report, available for download, details attacks and techniques, and provides recommendations for organizations that process credit card transactions.The payments industry, including…

Anomali Threat Research
Anomali Threat Research December 13, 2018

New Shamoon V3 Malware Targets Oil and Gas Sector in the Middle East and Europe

A new version of destructive wiper malware Shamoon was first identified by security researchers on December 5, 2018. This malware dubbed Shamoon V3, appears to be a new version of the destructive malware, which has historically been associated with advanced persistent threat actors aligned with the interests of the Iranian state.…

Anomali Threat Research
Anomali Threat Research December 6, 2018

Pulling Linux Rabbit/Rabbot Malware Out of a Hat

OverviewCyber threat researchers from Anomali Labs have discovered a new malware, called “Linux Rabbit,” that targeted Linux servers and Internet-of-Things (IoT) devices in a campaign that began in August 2018 and continued until October 2018. The campaign targeted devices in Russia, South Korea, the UK, and the US.…

Kailyn Johnson
Kailyn Johnson August 16, 2018

Analyzing WannaCry a Year After the Ransomware Attack

The cyber-attack known as WannaCry first broke out in May of 2017 and was unprecedented in its scope and impact. It utilized a Microsoft Windows vulnerability that was leaked by a cyber threat group, the Shadow Brokers, and despite Microsoft releasing a patch for the vulnerability, many organizations failed to apply the patch and…

Anomali Threat Research
Anomali Threat Research May 17, 2018

APT 29 - Put up your Dukes

Have you ever heard the phrase “put up your dukes” and wondered how on Earth that could equate to putting up your fists for a fight? You wouldn’t be alone in wondering. Etymologists studying this phrase have concluded that this expression, like many others that are seemingly inexplicable, likely came from rhyming…

Subscribe to the Anomali Newsletter

Get the latest Anomali updates and cybersecurity news straight to your inbox each month.

Subscribe Now