The Anomali Blog: posts

Schedule Demo

The Anomali Platform

Transform security operations with disruptive security analytics. Go from business risk to cyber actions in minutes. Amplify your visibility, automate your workflows, and optimize your cyber stack.

Do more. With less.

Learn more

Threat Intelligence Management

ThreatStream

The external landscape: From data to insights in minutes.

Lens

Automate intel gathering: Extract intelligence insights from unstructured data.

Detection and Response

Match

Your internal environment: Unlock your visibility and accelerate your protection.

Exposure Management

Attack Surface Management

Your risk surface: Where are you at risk of exposure?

Digital Risk Protection

Your compromise: What have the attackers already taken from you?

The Anomali APP Store

A unique cybersecurity marketplace providing instant access to a growing catalog of threat intelligence providers, integration partners, and threat analysis tools.

Learn more

Marketplace Offerings

Threat Intelligence Feeds

Trial and purchase threat intelligence feeds from Anomali partners – find the right intelligence for your organization, industry, geography, threat type, and more.

Threat Analysis Tools & Enrichments

Gain the tools to pivot quickly from one piece of information to look up other sources of data to get a complete picture of a threat – all one click away.

Security System Partners

Anomali seamlessly integrates with many Security and IT systems to operationalize threat intelligence.

For Partners

Anomali SDKs

Join the Anomali Technology Partner Program

Partners Overview

Anomali offers competitive advantages and new revenue opportunities for partners looking to enhance their product portfolios with our market-leading threat intelligence platform.

Learn more

Sell Anomali

Channel Resellers

MSSPs

System Integrators

Integrate with Anomali

Threat Intel Sharing

Technology Partner Program

Anomali SDKs

About Anomali

Anomali delivers intelligence-driven cybersecurity solutions, including ThreatStream®, Match™, and Lens™. Companies use Anomali to enhance threat visibility, automate threat processing and detection, and accelerate threat investigation, response, and remediation.

Learn more

Anomali at Work

Get in touch

Request a demo

Careers

The Anomali Blog

Anomali Cyber Watch: CloudWizard Targets Both Sides in Ukraine, Camaro Dragon Trojanized TP-Link Firmware, RA Group Ransomware Copied Babuk

Anomali Cyber Watch | May 23, 2023

Anomali Cyber Watch: Lancefly APT Adopts Alternatives to Phishing, BPFdoor Removed Hardcoded Indicators, FBI Ordered Russian Malware to Self-Destruct

Anomali Cyber Watch | May 16, 2023

Anomali Cyber Watch: Custom Virtual Environment Hides FluHorse, BabyShark Evolved into ReconShark, Fleckpe-Infected Apps Add Expensive Subscriptions

Anomali Cyber Watch | May 9, 2023

Anomali Cyber Watch: APT37 Adopts LNK Files, Charming Kitten Uses BellaCiao Implant-Dropper, ViperSoftX Infostealer Unique Byte Remapping Encryption

Anomali Cyber Watch | May 1, 2023

Anomali Cyber Watch: Two Supply-Chain Attacks Chained Together, Decoy Dog Stealthy DNS Communication, EvilExtractor Exfiltrates to FTP Server

Anomali Cyber Watch | April 25, 2023

Anomali Cyber Watch: Cozy Bear Employs New Downloaders, RTM Locker Ransomware Seeks Privacy, Vice Society Automated Selective Exfiltration

Anomali Cyber Watch | April 18, 2023

Anomali Cyber Watch: Aggressively-Mutating Mantis Backdoors Target Palestine, Fake Cracked Packages Flood NPM, Rorschach Ransomware Is Significantly Faster Than LockBit v.3

Anomali Cyber Watch | April 11, 2023

Anomali Cyber Watch: Balada Injector Exploits WordPress Elementor Pro, Icon 3CX Stealer Detected by YARA, Koi Loader-Stealer Compresses-then-Encrypts Memory Streams

Anomali Cyber Watch | April 3, 2023

Anomali Cyber Watch: Bitter Spies on Chinese Nuclear Energy, Kimsuky Takes Over Google Account to Infect Connected Android Devices, Bad Magic APT Targets Occupied Parts of Ukraine

Anomali Cyber Watch | March 28, 2023

Anomali Cyber Watch: Winter Vivern Impersonates Poland’s Combating Cybercrime Webpage, Trojanized Telegram Steals Cryptocurrency Keys from Screenshots, and More

Anomali Cyber Watch | March 20, 2023

Anomali Cyber Watch: Xenomorph Automates The Whole Fraud Chain on Android, IceFire Ransomware Started Targeting Linux, Mythic Leopard Delivers Spyware Using Romance Scam

Anomali Cyber Watch | March 14, 2023

Anomali Cyber Watch: Mustang Panda Adopted MQTT Protocol, Redis Miner Optimization Risks Data Corruption, BlackLotus Bootkit Reintroduces Vulnerable UEFI Binaries

Anomali Cyber Watch | March 7, 2023

Anomali Cyber Watch: CloudWizard Targets Both Sides in Ukraine, Camaro Dragon Trojanized ​​TP-Link Firmware, RA Group Ransomware Copied Babuk

Anomali Cyber Watch: Lancefly APT Adopts Alternatives to Phishing, BPFdoor Removed Hardcoded Indicators, FBI Ordered Russian Malware to Self-Destruct

Anomali Cyber Watch: Custom Virtual Environment Hides FluHorse, BabyShark Evolved into ReconShark, Fleckpe-Infected Apps Add Expensive Subscriptions

Anomali Cyber Watch: APT37 Adopts LNK Files, Charming Kitten Uses BellaCiao Implant-Dropper, ViperSoftX Infostealer Unique Byte Remapping Encryption

Anomali Cyber Watch: Two Supply-Chain Attacks Chained Together, Decoy Dog Stealthy DNS Communication, EvilExtractor Exfiltrates to FTP Server

Anomali Cyber Watch: Cozy Bear Employs New Downloaders, RTM Locker Ransomware Seeks Privacy, Vice Society Automated Selective Exfiltration

Anomali Cyber Watch: Aggressively-Mutating Mantis Backdoors Target Palestine, Fake Cracked Packages Flood NPM, Rorschach Ransomware Is Significantly Faster Than LockBit v.3

Anomali Cyber Watch: Balada Injector Exploits WordPress Elementor Pro, Icon 3CX Stealer Detected by YARA, Koi Loader-Stealer Compresses-then-Encrypts Memory Streams

Anomali Cyber Watch: Bitter Spies on Chinese Nuclear Energy, Kimsuky Takes Over Google Account to Infect Connected Android Devices, Bad Magic APT Targets Occupied Parts of Ukraine

Anomali Cyber Watch: Winter Vivern Impersonates Poland’s Combating Cybercrime Webpage, Trojanized Telegram Steals Cryptocurrency Keys from Screenshots, and More

Anomali Cyber Watch: Xenomorph Automates The Whole Fraud Chain on Android, IceFire Ransomware Started Targeting Linux, Mythic Leopard Delivers Spyware Using Romance Scam

Anomali Cyber Watch: Mustang Panda Adopted MQTT Protocol, Redis Miner Optimization Risks Data Corruption, BlackLotus Bootkit Reintroduces Vulnerable UEFI Binaries

Get the Anomali Newsletter

Explore more topics

Anomali

Anomali Cyber Watch

Anomali Match

Cyber Threat Intelligence

Malware

Modern Honey Network

Research

SIEM

STAXX

Splunk

Threat Intelligence Platform

ThreatStream

Anomali Cyber Watch: CloudWizard Targets Both Sides in Ukraine, Camaro Dragon Trojanized TP-Link Firmware, RA Group Ransomware Copied Babuk