-
Apr 4th, 2018
Don’t Get Caught Up in the Hype of AI for Security
Don’t get caught up in the hype of artificial intelligence or machine learning. Does the product correlate and analyze alerts? When Nails are Exciting, Everyone Wants to Talk about Hammers…
-
Mar 16th, 2018
A Song of Intel and Fancy
A case study tracking adversary infrastructure through SSL certificate use featuring Fancy Bear/APT28/Sofacy. A long time ago, in a galaxy… No. Stop. We’re not doing that anymore. Instead,
-
Feb 9th, 2018
Query a Host or URL Indicator in Archive.org’s Wayback Machine
One-Click querying of the Wayback Machine See if a website has been archived in the Wayback Machine ThreatConnect developed the Playbooks capability to help analysts automate time consuming and repeti
-
Jan 12th, 2018
Playbook Fridays: Using Playbooks to populate custom attributes
Create Custom Attribute Types and Validation Rules, then use Playbooks to populate them automatically I was working with a customer who wanted to use ThreatConnect’s Task and workflow features l
-
Jan 11th, 2018
Duping Doping Domains
Possible Fancy Bear Domains Spoofing Anti-Doping and Olympic Organizations Update – 1/19/18 We recently identified two additional domains — login-ukad[.]org[.]uk and adfs-ukad[.]org[.]uk
-
Dec 28th, 2017
Please Do Not Feed the Phish
How to Avoid Phishing Attacks We’ve all heard the phishing attack stories that start with someone receiving an email that requests an urgent invoice review or password change, and ends with a da
-
Dec 15th, 2017
Playbook Fridays: Task Management
Simulate a task in ThreatConnect which can be modified to recur daily, weekly, or monthly ThreatConnect developed the Playbooks capability to help analysts automa
-
Nov 14th, 2017
ThreatConnect Provides a Report on Healthcare and Medical Industry Threats
Learn about the threats and how to protect your healthcare organization Summary Medical and health organizations, which include organizations operating in the pharmaceutical sector, face a variety of
-
Oct 27th, 2017
Playbook Fridays: How to Query Abuse.net with Playbooks
Query abuse.net for abuse contacts registered to a domain ThreatConnect developed the Playbooks capability to help analysts automate time consuming and repetitive tasks so they can focus on what is mo
-
Oct 25th, 2017
DNC Association Does Not Compute
Joining the cyber community to conduct independent analysis of the DNC Hack Recently, an article purported that the Democratic National Committee (DNC) turned down requests from FBI forensic units to
-
Oct 20th, 2017
Playbook Fridays: Taking Screenshots with a Playbook
Playbook Fridays: Screenshot Capture Playbook ThreatConnect developed the Playbooks capability to help analysts automate time consuming and repetitive tasks so they can focus on what is most important
-
Oct 13th, 2017
Playbook Fridays: How to Control the Cloud with Playbooks
Interacting with SNS from ThreatConnect Playbooks ThreatConnect developed the Playbooks capability to help analysts automate time consuming an