Al-Qaeda and Snowden: Correlation, Causation, and Temporal Analysis
Our recent research on Al-Qaeda encryption again generated a tremendous amount of interest which we were thrilled to see, with stories in NPR, Wall Street Journal, Ars Technica, ABC News, Washington...
The Power of the Web: Anticipating Cyber Attacks
IT security teams are under siege, constantly defending against data breaches, IP theft, cyber crime, and other threats in a long and costly war. Interpol estimates cyber crime costs people and...
Integrating Recorded Future with Maltego
The after-action report from Black Hat 2014… Paterva’s Maltego product is a great “Swiss army knife” for researching IT infrastructure – whether the context is performing recon for pen-testing, reverse...
Putting Data in Perspective With Web Intelligence
Summary: Government and private sector threat intelligence analysts are awash in data: both proprietary and open source. The evaluation of both – all-source analysis – provides analysts the perspective...
How Asprox Malware Became an APT in 4 Phases
Analysis Summary: Asprox has four distinct development phases, most recently taking on APT-style obfuscation techniques. Asprox diversified its TTPs, utilizing new languages and attachment filenames...
ISIS Jumping from Account to Account, Twitter Trying to Keep Up
The following analysis was done in collaboration with Sky News. Analysis Summary: ISIS supporters will create a new account, usually under a very similar name, almost immediately after their profile is...
How to Use the Information-Seeking Mantra in Cyber Intelligence Dashboards
This is the second post in our blog series, “Visualizing Cyber Intelligence.” In the previous post, we got a glimpse of two important contributions of Edward Tufte to the field of data visualization:...
How Pace University is Building the Next Generation of Cyber Security Analysts
Editor’s Note: Cyber threat intelligence is a young area of security. Relatively few universities offer formalized instruction to prepare analysts for this specific problem set, and these curriculums...
Bashed and Shellshocked: Early Reports of Exploitation in the Wild
Lots of IT security teams are at work right now to patch the Shellshock vulnerability (CVE-2014-6271) ASAP – while keeping an eye on their threat intelligence sources for exploitation in the wild. And...
Rapidly Discover IOCs With Maltego and Recorded Future
Discovering and validating known indicators of compromise (IOCs) can be a daunting task for any cyber security operation. This is especially true if you do not have the luxury to pay for all of the...
Shellshock and Xen Remediation
This blog post summarizes our remediation of two high-profile software vulnerabilities. Shellshock CVE-2014-6271 Remediation: On September 24, 2014, a security vulnerability dubbed Shellshock...
Why CISOs Are Investing in Cyber Threat Intelligence
Recently, we had the wonderful opportunity to host a webinar featuring Threat Intelligence Expert and Principal Analyst, Rick Holland of Forrester Research, Inc. Rick discussed why a chief information...
Discovering Sandworm IOCs With Recorded Future Maltego Transforms
Yesterday, iSIGHT Partners published a blog post announcing the discovery of CVE-2014-4114, a zero-day vulnerability used in a Russian cyber-espionage campaign. The campaign was dubbed Sandworm and...
221 of the Fortune 500 Have Exposed Credentials on the Web
Recorded Future analysis published in the “The Fortune 500’s Unfortunate 221” threat intelligence report identified employee credential exposures for at least 44% of major US companies in 2014. These...
Exposed Corporate Credentials on the Open Web, a Real Security Risk
Last Friday, a New York Times article described how the recent online attack against JPMorgan was possibly connected to a data breach on a third-party website. The target mentioned in the article is...
3 Important Trends for ICS/SCADA Systems
Last week, we presented a webinar with the ICS/SCADA experts from Cimation. Industrial control systems (ICS) are the “nervous systems” that manage facilities and operations, everything from robotic...
Recorded Future Transforms for Maltego Now Available
We’re delighted to announce the release of Recorded Future transforms for Maltego! Why You Care: These transforms make it simple and fast to fuse our information into Maltego investigations. If you’ve...
New Malicious Networks Discovered in Dark Hotel Malware Campaign
Analysis Summary: Recorded Future discovered technical indicators that suggest malware used in the Dark Hotel campaign has been in the wild since 2009. The Dark Hotel malware campaign has links to...
Breaking the Code on Russian Malware
Russia poses a serious cyber threat to industrial control systems (ICS), pharmaceutical, defense, aviation, and petroleum companies. Russian government cyber operations aim to use malware to steal...
Organizing Big Data for Analysis
Since 2009, we have been building an index of the web for intelligence analysis. Consequently, we have lots of data at Recorded Future (billions of data points). But where does the data come from? And...