Category: Recorded Future
-
Think Like Your Adversaries to Stay Ahead of Cyber Threats
Editor’s Note: The following interview is with Stephen Coty and is from our Threat Intelligence Thought Leadership Series. Stephen is the chief security evangelist at Alert Logic. 1. What drives interest in threat intelligence in your community? What hole in your world does it fill? Threat intelligence analysts and their research are the backbone of…
-
Using Vulnerability and Exploit Analysis to Effectively Assess Cyber Threats Before They Impact Your Business
We’re all aware that managing and remediating vulnerabilities is an essential component for effective information security. There is an ongoing need to identify, classify, remediate, and mitigate vulnerabilities that could compromise your network. Effectively assessing the risk from a given vulnerability is critical, as the security impact of remediating a specific vulnerability could be dramatically…
-
How Analyzing Threat Actor TTPs Can Bolster Your Information Security Program
Key Takeaways: Compliance doesn’t equal security. Keep your organization’s data safe with a proactive security mindset. Make better cyber security decisions by understanding threat actor TTPs. Help your red team prioritize targets for internal hunting and penetration testing by sharing TTP intelligence. Use TTP intelligence to inform internal security awareness training and user access controls.…
-
Shell No! Adversary Web Shell Trends and Mitigations (Part I)
Analysis Summary: Open sourcing unauthorized persistence with web shells for over 15 years. Web shells are a favorite Chinese speaking forum topic. Actor laziness leads to code reuse, but not enough to alert on functions or strings. b374k, b374k r3c0d3d, and WSO 2.1 are clear open source favorites (by mention). Static signatures that capture specificity…
-
An Immediate Starting Point for Research on Threat Actor Groups
Key Takeaways: Recorded Future launches a new Intel Card for threat actor groups. Get content-rich, real-time alerts on new threat actor group activity. No more deciphering threat actor group aliases; get consolidated views of associated TTPs and IOCs. Researching and analyzing threat actor groups requires a significant effort in both time and resource. Identifying if…
-
How St. Jude Medical Uses Threat Intelligence in its SOC
Key Takeaways: With the support of Recorded Future, St. Jude Medical experienced: 63% reduction on exploit kit traffic delivered via malvertising into the network. 28 times better detection of botnet traffic. 50% savings in analyst time for malicious IOC investigation. St. Jude Medical Center is saving lives across the world; with its global footprint and…
-
Threat Intelligence: Making the Best Decisions While Mitigating Threats
Editor’s Note: The following interview is with Rob Kraus and is from our Threat Intelligence Thought Leadership Series. Rob is director of security research and strategy at Solutionary. 1. What drives interest in threat intelligence in your community? What hole in your world does it fill? When working to protect our clients, threat intelligence is…
-
All-Source Analysis Breakthrough With New Recorded Future OMNI Intelligence Partner Integrations
Collecting, analyzing, and acting on threat intelligence is a dynamic process, and one that requires analysts to synthesize a lot of information — both in terms of volume and variety. Practically, this means that analysts typically use various tools and information — also known as “all-source analysis” — as part of their research and investigation…
-
Fuel Incident Response With Threat Intelligence to Lower Breach Impact
Ondrej Krehel, chief executive officer at LIFARS, and Scott Donnelly, senior analyst at Recorded Future, recently presented a webinar on how LIFARS, a digital forensics, incident response, and cyber security intelligence provider, relies on Recorded Future to provide context and technical details that help LIFARS better understand the intricacies of dealing with the aftermath of…