While it does not boast any special or complex installation tactics, Shlayer’s distribution vector has made it a tremendous success - the malware has been the most prevalent macOS strain since its debut two years ago, never falling off its leading spot. Shlayer uses a well-known infection tactic – clicking on a bad link directs the victim to a fake Adobe Flash update.
The first step in IOC analysis is obtaining the indicators to analyze. Some analysts will opt to stick with one source and analyze whichever IOCs come their way, while others may search various sources for a specific threat type, such as ransomware, or a specific threat, such as Lokibot. Threat exchanges are open and free community platforms for information sharing and collaboration, and are an excellent source for IOCs. Another source for IOC collection, which may come off as less intuitive, is social media, with Twitter being the best social media platform to find new, relevant IOCs.
In this post, we will describe our Top 5 Free IOC Sources for Analysis.
Welcome To Our New Weekly Series, Free Open Source Analysis Tools.
This Week's Topic: Free Open-Source Analysis Tools, Why Use IOCs?
Throughout this series, we'll be talking about a Security Analyst’s IOC analysis journey, from discovering relevant indicators and performing the analysis to finding enrichments and new IOCs. We will also share recommendations for free open-source analysis tools and use cases completed by ThreatSTOP's Security and Research Team, showing how to utilize the various platforms and tools. Let's get started.
Imagine This: You have a precious and valuable treasure. You keep this treasure in your bedroom. Criminals come from all over the land, every night and day, laying siege to your home to steal this treasure. You have no gated community, no security patrol, no walls around your home, no doors or windows - and every fight with a criminal happens right there in your bedroom with your treasure just feet away. You know that one misstep, one lucky punch, and you lose your most precious treasure. It’s game over.
ThreatSTOP's Security team is adding multiple new targets based on the cybercrime-tracker to our expert and standard lists. These lists will better help protect our customers against various sources of cybercrime.
Attacks on critical infrastructure are a top concern for government officials and the private sector alike. The ramifications of losing power can be life-threatening and have a negative impact on the operations of businesses and public services.
The Wall Street Journal posted an interesting article regarding a recent shift in risk analysis concerning your company's audit committee.