Malware Intelligence Dashboards


Anomali Threat Research has released two, Malware Intelligence focused dashboards to assist cybersecurity and cyber threat intelligence professionals in organizing IOCs and strategic intelligence on relevant threats. These two dashboards are titled:

  • Malware Intelligence – Ransomware
  • Malware Intelligence – Remote Access Tools and Trojans

Ransomware and remote access tools and trojans are malware types used by threat actors spanning all levels of sophistication, from cybercriminal to advanced persistent threat to nation-state. Ransomware threat actors continue to be highly active and generate significant amounts of illicit funds, and learning more about how these threat actors operate can assist in taking proactive measures against such attacks.

Remote access tools are persistently abused by threat actors for malicious purposes. Knowing which tools the actors use and how they are used is important when making cybersecurity decisions to protect against this malware type; among numerous other variables.

These Malware Intelligence dashboards help amalgamate relevant information into a centralized location to assist in providing crucial contextual information in addition to the most recent IOCs made available through commercial and open-source threat feeds that users manage on ThreatStream.

Dashboards in ThreatStream provide a quick, digestible and timely source of key metrics on threat intelligence indicators. In ThreatStream you can access a number of different dashboard types: standard dashboards available out of the box; themed dashboards developed by the Anomali Threat Research Team; custom dashboards defined by by you; and specialized dashboards to support our Intelligence Initiatives or Lens+ specific data. From this month we greatly improve how an individual user can organize their dashboard views, enabling them to easily hide or show any dashboards available to them. Users show or hide any of the standard dashboards, as well as up to 10 other dashboards at any time. Management and ordering is now simplified so users can drag and drop visible dashboards to reorder according to priority and preference.

Key Capabilities

  • Users can now granularly manage their dashboards from across their organization and supplementary sources
  • Dashboards can be drawn from a library created by / visible to the user
  • Users can show / hide any standard ThreatStream dashboards
  • User can develop up to 10 custom dashboards for display.
  • Users will be able to drag and drop to edit the dashboard order and specify the user’s default dashboard (from April).
  • Customers can still avail of the Custom and ATR themed dashboards as previously

Benefits

  • Easy management of the rich set of dashboards available in ThreatStream
  • Quickly and easily access the right insights at the right time, in the right display order
  • Note: This screen now uses our new user interface design style – we hope you like it!

Malware Intelligence – Ransomware

Pulls OSINT and primary intelligence feeds related to ransomware samples, actors who use ransomware, and TTPs associated with known ransomware families, among others, and displays the data in 10 widgets.

Observables, IOCs, and threat models related to ransomware.

Malware Intelligence – Remote Access Tools and Trojans

Pulls OSINT and primary intelligence feeds related to remote access tool and trojan samples, actors who use these tools and trojans, and TTPs associated with known remote access tool and trojan families, among others, and displays the data in 10 widgets.

Malware Intelligence - Remote Access Tools and Trojans Dashboard

!function(f,b,e,v,n,t,s)
{if(f.fbq)return;n=f.fbq=function(){n.callMethod?n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version=’2.0′;n.queue=[];t=b.createElement(e);t.async=!0;t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,document,’script’,’https://connect.facebook.net/en_US/fbevents.js’);fbq(‘init’,’2115220198489652′);fbq(‘track’,’PageView’);



Source link