Anomali Detect

September 20 - 22, 2017

BLOG

Category: Research

Malware Research

How Threat Hunting Can Help Defend Against Malware Attacks

By Kris Merritt (Vector8) and Justin Swisher (Anomali). Since the outbreak of Petya some days ago, many articles have been written dissecting the malware, its purpose, and its attribution. These articles used reverse engineering and malware analysis to conduct post-incident analysis. Vector8 and Anomali viewed the Petya outbreak differently,...

Malware Research

Petya (NotPetya, Petrwrap)

Details: A malware strain that appears to be based off of the “Petya” ransomware began targeting and infecting governments and businesses worldwide on June 27th, 2017. Since dubbed “NotPetya” by some researchers, and “Nyetya” by others, this malware has spread across Europe and North America...

Malware Research

Ukraine hit hard as Petya Ransomware Variant Spreads around the world

[updated 6/28/2017 1:29pm ET] We will be updating this page with additional information. Please check back for the latest. While initial reports have only centered on the Ukraine being hit by a new stream of ransomware known as Petya, this is a global attack. Just like WannaCry, this might be leveraging...

Research

Anomali Begins Education Outreach Initiative

The cybersecurity industry is facing a critical issue, and it’s not the cyber criminals. There is a growing shortage of workers to fill the rising demand for cyber security professionals, with a projected 3.5 million positions left unfilled by 2021. In response to this growing demand, Anomali is beginning an...

Research

Global Elections, Global Problems

The next in a series of pivotal elections is set to take place on June 8th in the United Kingdom, replacing Members of Parliament (MPs) and the Prime Minister. Previous elections in the United States, the Netherlands, and France were marked by an unprecedented number of cyber attacks, releases of...

Research

The Power of an Exploit

Not all exploits are created equal. Vulnerabilities and Patching: Patching vulnerabilities is something everyone with a technology footprint deals with on one level or another whether they realize it or not. Consumers patch vulnerabilities all the time even if they don’t realize that’s what they are...

Malware Research

Ransomware - A Tech or Human Problem?

If you hadn’t heard of ransomware before WanaCry, you’ve heard of it now. Ransomware is a specially designed piece of malware that blocks a user's access to their files or even to the system itself. It is able to bypass many security controls because its...

Research

WanaCry: Frequently Asked Questions

There are many questions surrounding the WanaCry ransomware attack that started on May 12, 2017. In order to provide some quick answers to common questions and dispel some misconceptions, we are providing this list of frequently asked questions. We will keep this updated as new details emerge. For a more in-depth look...

Research

WanaCry Observations: Big Worm = Big Problems

NOTE: Anomali is continuing to investigate and monitor the WanaCry worm and will update this page as we have more information to share. Visit www.anomali.com/wanacry for the latest. On the morning of Friday May 12th a new ransomware threat emerged infecting tens of thousands of computers across...

Research STAXX

STIX/TAXII: All Your Questions Answered

What are they? STIX/TAXII are community-driven standards and protocols for sharing cyber threat intelligence. Technically speaking, STIX and TAXII are not sharing programs, tools, or software, but rather components and standards that support them. STIX states the what of threat intelligence, while TAXII defines how that information is relayed....

Research

Why Brand Monitoring is a Security Issue - Compromised Credentials

Corporate brands are generally thought of as intangible objects that carry the company’s image and reputation. However, your brand is very tangible in the eyes of attackers and can absolutely be targeted and damaged with cyber threats. To prevent such damage, companies can engage in “brand monitoring...

Research

Data Privacy in a World of Outsourced Artificial Intelligence

Artificial intelligence (AI) and deep learning can lead to powerful business insights. Many executives are ready to harness the power of this technology but one main challenge holds them back. Hiring technical talent for cybersecurity is hard enough in itself; hiring technical talent for AI is a much...

Research

The Definitive Guide to Sharing Threat Intelligence

Threat Intelligence sharing is becoming more mainstream as ISACs and other industry sharing collectives gain popularity. As intelligence sharing becomes more popular, there are some things to consider to get the most out of it. Anomali’s new whitepaper, The Definitive Guide to Threat Intelligence Sharing, explores this topic...

Research

Why Brand Monitoring is a Security Issue - Typosquatting

Corporate brands are generally thought of as intangible objects that carry the company’s image and reputation. However, your brand is very tangible in the eyes of attackers and can absolutely be targeted and damaged with cyber threats. To prevent such damage, companies can engage in “brand monitoring...

Research

Shedding Some Light on the Dark Web

Underground markets may have originated in the time of Internet Relay Chats (IRCs), but the appearance of cryptocurrencies and anonymous communications like Bitcoin and Tor have allowed these markets to develop far past their genesis. Darknet forums are now a very efficient platform through which to conduct illegal business....

Cyber Threat Intelligence Research Threat Intelligence Platform

3 Most Common Pitfalls When Implementing Threat Intelligence and How to Avoid Them

Executive Summary: Effective threat intelligence requires a combination of sources and techniques, analysts to interpret data, and a platform through which to manage and leverage data. Many people will unwittingly fall into a “threat intelligence trap” when trying to implement a successful threat intelligence program. Despite having access...

Cyber Threat Intelligence Research

Ways To Maintain Your Cybersecurity Infrastructure

Network security is a great undertaking early on. The benefits to protecting your network are immediate as well as beneficial in the long term. However, the systems and practices which defend your organization and its network are not a “set it and forget it” machine. As threats are...

Research

Machine Learning for Cybersecurity

Sam Charrington, host of the Machine Learning & Artificial Intelligence (TWiML & AI) podcast, and Evan Wright, Principal Data Scientist at Anomali, discuss a number of topics surrounding the use of machine learning in cybersecurity. These topics include: The three big problems in cybersecurity that Machine...

Research

Teach A Man to Phish

In the world of credential theft, phishing continues to be a popular method of attack. All that a cybercriminal needs to start are saved and modified login pages of a web site and some clever social engineering. Once the desired page is set up (often using throw-away or compromised domains)...

Malware Research Threat Intelligence Platform

Decreasing Dwell Time - How Long Intruders Go Undetected

The evaluation of technical threat intelligence data is a nascent art. When evaluating Indicator sources many focus on counting the number of indicators the source has. The next step in evaluating indicator sources is usually based upon the number of True Positive alerts generated by the IoCs compared to the...