Posts
-
May 29th, 2015
The Cost of Bad Threat Intelligence
The Cost of Bad (and Value of Good) Threat Intelligence. Written by Andy Pendergast, co-author of the Diamond Model for Intrusion Analysis. Earlier this week, Sergio Caltagirone published an article on
-
May 26th, 2015
Threat Intelligence Sharing: Empower Your Cyber Defense
I am excited to see threat intelligence sharing is catching on as a way to empower cyber security defenders with timely, relevant, and actionable threat intelligence data. I believe, and I actually
-
May 5th, 2015
What’s the RSA Conference About, Daddy?
Like many of my infosec brethren and sistren (yep; apparently it’s a word), I leave some sad kids behind every year as I make the annual pilgrimage to the RSA 2015 Conference. This year, my 8 year o
-
Apr 15th, 2015
What the Verizon DBIR Says About Threat Intelligence Sharing
Before we get started on Verizon’s 2015 Data Breach Investigations Report (DBIR), let’s address the elephant in the room. I created the DBIR back in 2008 and have led the excellent team that produ
-
Mar 23rd, 2015
Is Your Threat Intelligence Platform Just a Tool?
“If the only tool you have is a hammer, you tend to see every problem as a nail.” Abraham Maslow Throughout the enterprise there are security personnel using a variety of processes and tools to co
-
Mar 18th, 2015
Premera Latest Healthcare Insurance Agency to be Breached
Similarities with Wellpoint/Anthem Event Should be Understood. The recent announcement from Premera Blue Cross Blue Shield that it has fallen victim to a sophisticated cyber attack that reportedly comp
-
Jan 12th, 2015
ThreatConnect Communities: A Swiss Army Knife in Your Collaboration Arsenal
ThreatConnect Communities have become the indispensable Swiss army knife in the analyst collaboration arsenal this past year. While our community blueprint has always included – a “Common Commun
-
Dec 21st, 2014
Operation Poisoned Helmand
In this day and age of interconnected cloud services and distributed content delivery networks (CDNs), it is important for both CDN service providers and security professionals alike to recognize and
-
Oct 6th, 2014
Debugging the Pakistan Cyber Army: From Pakbugs to Bitterbugs
For over a year, the ThreatConnect Research Team has been tracking Pakistan-based cyber espionage activity associated with a custom malware implant recently dubbed “BITTERBUG.” In August of 2013
-
Aug 5th, 2014
Operation Arachnophobia: The Spy-der Who Loved Me
The story of Operation Arachnophobia is not unlike a good spy novel; the characters aren’t who they appear to be, motives must always be questioned and the twists in the plot keep you guessing until
-
Jul 3rd, 2014
Getting Back to the Basics of Actionable Threat Intelligence
I remember it like it was yesterday, the first few hours of basic training. I stood there cooking in the South Carolina humidity with a very loud and short man, named Drill Sergeant Doll screaming a f
-
May 19th, 2014
Piercing the Cow’s Tongue: China Targeting South China Seas Nations
Executive Summary: The term “Cow’s Tongue” is a reference to the Chinese recognized nine-dashed line which demarks a highly contested region also known as the South China Sea (SCS). Between Jul