Blog

Category: Threat Intelligence Platform

Decreasing Dwell Time - How Long Intruders Go Undetected

The evaluation of technical threat intelligence data is a nascent art. When evaluating indicator sources, many focus on counting the number of indicators the source has. The next step in evaluating indicator sources is usually based upon the number of True Positive alerts generated by the IoCs compared to the...

2017 Cyber Security Predictions

2016 has now come to an end and a new set of security predictions is being revealed. The past year has been a whirlwind tour of challenges and changes in the cybersecurity landscape. Targeted threat activity took on a new emphasis by focusing on both disinformation and weaponized, confidential information. Ransomware...

Anomali Weekly Threat Intelligence Briefing - December 29, 2016

Trending Threats: This section provides summaries and links to the top threat intelligence stories from this past week. All IOCs from these stories are attached to this threat briefing and can be used for indicator matching against your logs. Figure 1: IOC Summary Charts. These charts summarize the IOCs attached...

Locky Ransomware Shifts to .OSIRIS Extension

Locky ransomware continues to evolve and has again changed the filename extension used to encrypt files, this time using the file extension “.osiris” on all files it encrypts. Locky will encrypt image files found on the system, leaving them inaccessible unless the ransom is paid to acquire the...

More On Detection Gaps…

How often have we seen a security news headline detailing a new malware strain or exploit kit campaign? The next question for security teams will usually be, do we detect that? In today’s threat landscape, delivery methods and network traffic patterns that are detected at present will eventually...

Introducing STAXX: A Free On-Premise STIX/TAXII Solution

In December of 2014, the Financial Services Information Sharing and Analysis Center (FS-ISAC) and Depository Trust and Clearing Corporation (DTCC) announced the general availability of Soltra Edge, a program designed to help facilitate the sharing of threat intelligence in a more organized and automated manner than over email or other...

Why Having Threat Intelligence Platforms Available Matter For The USA?

Threat intelligence platforms are more than plug and play network protection alarms. Antivirus software is only one component of a cybersecurity system. It’s now possible and recommended to integrate traffic logs into one common application. When traffic logs from all corners of your digital holdings are analyzed together,...

Using A Threat Intelligence Platform To Stop Threats In Advance

In order to prevent hacks in advance, one cannot rely on a singular piece of software. Layers of protection positioned throughout the network are necessary just as a secure building has a fence, locks on the doors, and a safe for valuables. Think of threat intelligence as a security system...

Why Did Threat Intelligence Platforms Become A Must? Find Out Here!

The goal of threat intelligence is ultimately to dramatically reduce the incoming number of cyber-threats including hacking, malware, and internal threats. This end is achieved through an active, ongoing effort to identify potential threats. Discovering would-be targeted attacks as well as random Trojan injections is an ongoing project. This undertaking...

How a Cybersecurity Stack Can Protect Your Network

One thing that many different populations of people can agree on is the importance of cybersecurity. When shopping for a cybersecurity application, you cannot choose the best option without an understanding of what you’re getting. If you’re in charge of risk management, crisis communication, or other...
