Posts
-
Oct 10th, 2018
Top 5 ThreatConnect Resources for Malware Analysis
Malware Analysis. Some may say it’s the most exciting part of the job, right? You have something you know is bad. What’s it do? How’s it run? Where’d it come from? These are qu
-
Jul 27th, 2018
Kinetic and Potential Energy Framework: Applying Thermodynamics to Threat Intelligence
ThreatConnect proposes a framework for evaluating and triaging indicators based on physical energy properties. All variety of scientists, from chemists to physicists and engineers, measure kinetic and
-
Apr 4th, 2018
Don’t Get Caught Up in the Hype of AI for Security
Don’t get caught up in the hype of artificial intelligence or machine learning. Does the product correlate and analyze alerts? When Nails are Exciting, Everyone Wants to Talk about Hammers…
-
Jan 11th, 2018
Duping Doping Domains
Possible Fancy Bear Domains Spoofing Anti-Doping and Olympic Organizations. Update – 1/19/18: We recently identified two additional domains — login-ukad[.]org[.]uk and adfs-ukad[.]org[.]uk
-
Dec 28th, 2017
Please Do Not Feed the Phish
How to Avoid Phishing Attacks. We’ve all heard the phishing attack stories that start with someone receiving an email that requests an urgent invoice review or password change, and ends with a da
-
Nov 14th, 2017
ThreatConnect Provides a Report on Healthcare and Medical Industry Threats
Learn about the threats and how to protect your healthcare organization. Summary: Medical and health organizations, which include organizations operating in the pharmaceutical sector, face a variety of
-
Sep 18th, 2017
Casting a Light on BlackEnergy
A look into BlackEnergy malware and using ThreatConnect to aggregate and memorialize the identified intelligence. As workers prepared to head home on December 23, 2015, an attack against Ukraine’
-
Jul 21st, 2017
Finding Nemo(hosts)
How to identify potential malicious infrastructure using ThreatConnect, DomainTools, and more. All that is bad is not known. Individual indicators are often highly perishable, but understanding the patt
-
Jun 14th, 2017
Phantom of the Opaera: New KASPERAGENT Malware Campaign
KASPERAGENT Malware Campaign resurfaces in the run up to May Palestinian Authority Elections. ThreatConnect has identified a KASPERAGENT malware campaign leveraging decoy Palestinian Authority docume
-
May 18th, 2017
When Dumpster Fires Make You WannaCry
Stepping back and taking stock of WannaCry lessons learned. During the afternoon on Friday May 12th, WannaCry ransomware infections broke out at several UK National Health Service (NHS) medical facilit
-
Apr 26th, 2017
Parlez-vous Fancy?
ThreatConnect Reviews Potential Fancy Bear Activity Targeting the French Election Runoff. In the run up to the French election runoff between Emmanuel Macron and Marine Le Pen, ThreatConnect reviews in
-
Feb 27th, 2017
Measuring the Detection and Response Gap
Despite efforts to stockpile the best technology and assemble an army of defenders, today’s security organizations struggle with inefficiencies. Threat a