Read insights, thought leadership, and platform updates.

The story of Operation Arachnophobia is not unlike a good spy novel; the characters aren’t who they appear to be, motives must always be questioned and the twists in the plot keep you guessing until the end. Our story begins in early August 2013 with the research blog “Where There is Smoke, There is Fire: South […]

I remember it like it was yesterday, the first few hours of basic training. I stood there cooking in the South Carolina humidity with a very loud and short man, named Drill Sergeant Doll screaming a few inches from my ear, “You need to shoot, move and communicate!” At the time, I had absolutely no […]

Earlier this week, we saw an article by Robert Ackerman Jr. on Dark Reading about crowdsourced threat intelligence and cyber security. Of course we were excited to see more discussion on threat intelligence and the value of collaboration. Robert states that challenges remain, and while we agree that some organizations have not yet found the […]

We saw recently that GCHQ is poised to create a threat intelligence sharing community between public and private organizations in the UK. We applaud this effort and hope that more organizations follow suit. In May, we launched a European Community of Interest  to achieve a similar goal of bringing together public and private organizations. A […]

Executive Summary: The term “Cow’s Tongue” is a reference to the Chinese recognized nine-dashed line which demarks a highly contested region also known as the South China Sea (SCS). Between July 2013 and May 2014, the ThreatConnect Research Team identified and shared multiple instances of Chinese Advanced Persistent Threats (APT), targeting numerous Southeast Asian entities, with […]

Have you ever taken the time to consider how you and your colleagues view cyber security? Does your security team share common viewpoints, or are there unique philosophical differences?  Do you all follow the same processes or do you each have your own unique way of doing things? It is these individual perspectives and experiences […]

Since the disclosure of the CVE-2014-0160 “Heartbleed” vulnerability, the industry has been abuzz with the traditional kneejerk responses that often plague most security teams, and justifiably so; many security practitioners are kissing their weekend goodbye, because this bug is big. The vulnerability has most notably affected the core security of many Web 2.0 consumer services […]

History is made when the notable details of past events are recorded and others can then learn from and study them. For example, you can go to any library and read about the Civil War. You can read about the many tactical skirmishes and battles. You can also learn about the outcomes of these tactical […]

In the context of the counter improvised explosive device (IED) mission, “left of boom” is what the Washington Post’s Rick Atkinson eluded to when he referenced the moment prior to when an IED explosive is detonated. For anyone who is familiar with the Lockheed Martin Kill Chain model, or has seen the authors present it; […]

In modern enterprises, signature based threat detection capabilities are still considered a fundamental building block in most network defense strategies.  To stay ahead of today’s sophisticated threats, you have to keep your signatures contextually relevant and up-to-date. Unfortunately, this is particularly challenging when the signature management tasks fall on the shoulders of a single individual, […]

Intelligence Sharing: The Dollars and “Sense” Behind It Within the ThreatConnect Research Team, we feel that sharing what we know, whether publicly or privately, helps to grow our organization. We see information sharing as a key investment area, allowing our team to more efficiently save time and money while helping us achieve broader organizational goals. […]

Today’s IT security professionals are faced with mounting piles of log files, suspected malicious email attachments, and malware samples that could provide evidence of an attempted intrusion into important networks. The ability to quickly triage these items is vitally important and there is no better way to make a quick assessment than having a large […]