Anomali detects adversaries and tells you who they are. Organizations rely on the Anomali Threat Platform to detect threats, understand the adversary, and respond effectively. Anomali arms security teams with machine learning optimized threat intelligence and identifies hidden threats targeting their environments. Anomali enables organizations to collaborate and share threat information among trusted communities and is the most widely adopted platform for ISACs worldwide.

For more information, visit our website below and follow us on Twitter @Anomali.

Our Website:

Latest Content From Anomali

Research Report: Cybersecurity Insider 2018 Threat Intelligence Report

by Anomali, Nov 29, 2018

Threat intelligence has become a significant weapon in the fight against cybersecurity threats, and a large majority of organizations have made it a key part of their security programs. Among the key findings of the report are that organizations are leveraging threat intelligence data for a number of use cases, and many rate themselves fairly competent in their use of threat intelligence to identify and remediate cyber threats.

Whitepaper: STIX/TAXII: What You Need to Know

by Anomali, Nov 28, 2018

The old adage of "sharing is caring" is paramount within the cyber threat intelligence community. Quick and in-depth transfer of knowledge between individuals, organizations, products, and platforms can lead to improved prevention and mitigation of cyber-attacks.

Whitepaper: NotPetya: One Year Later

by Anomali, Nov 28, 2018

Almost immediately following the WannaCry cyberattack, the NotPetya malware affected countries and organisations around the globe, with strikingly similar repercussions and lessons to take away. This attack exemplified the chronic failings organisations and nation-states continue to have despite the blatant and ongoing threats cyberspace poses. With cyberthreats remaining a critical issue for organisations, there is still a great deal organisations need to do to mitigate these for future resilience.

Whitepaper: Threatscape of the US Election

by Anomali, Nov 28, 2018

The 2018 US election is a complex cyber security landscape. Threat actors have a multitude of vectors that could be utilized for malicious purposes.

Research Report: United States of America Cybersecurity Profile from Anomali Labs

by Anomali, Oct 22, 2018

The most powerful country in the world has one of the oldest and most sophisticated cybersecurity programs. With attacks against countries like Iran, including Stuxnet, attributed to it, the United States has a track record of using offensive techniques against potential threats to national security.

The United States has an increasingly complex foreign policy climate, which is likely to create events in which offensive cyber-attacks will be weighed as an option. In order for cyber defenses to prepare for adversaries at the individual, organized-crime, and government level, they must understand how the country tactically operates and why it strategically chooses to do so.

This research report from Anomali Labs provides a thorough examination of the United States, including:

• Current Political, Economic, and Security Landscape
• National Cyber Strategy
• Intelligence Apparatus
• Previous Activity
• Future Concerns: China, Russia, Iran, DPRK, Pakistan

Download the full profile.

Research Report: SANS 2018 Threat Hunting Survey Results

by Anomali, Oct 22, 2018

Threat Hunting is Not Simply a Compromise Assessment or Continuous Security Monitoring

Ultimately, threat hunting is an approach that drives security benefits across the organization by making sure that human adversaries are met by human defenders who are taking full advantage of the environment that they defend.

Top survey findings:

• Threat intelligence leads threat hunting
• Trained staff are key to running threat hunting engagements
• Hunting shows that organizations are using intelligence properly
• Threat hunting is helping organizations find threats more effectively

Get the report to find out about the top findings and how to implement good threat hunting practices.

Research Report: The Changing Landscape of U.S. Election Security

by Anomali, Oct 22, 2018

Protecting the Sanctity of the Ballot Box Against Cyberthreats Depends On Legislation, Enforcement, and Sharing Up-To-Date Threat Intelligence Data

Confidence in the honesty of election systems has hit record lows, yet the federal executive branch still has not articulated an overarching strategy and plan of action to secure them. Disparate election systems operate with little standardization and no unified oversight, making them particularly vulnerable in the face of growing cybersecurity threats.

Government entities will need to ensure that every citizen has the right to a secure vote, in order to ensure that all constituents have confidence that their votes will count.

Here are some of the issues addressed:

• The varying levels of cyber-readiness at the state and municipal levels
• Different legislation around election security that has passed or been halted
• How threat intelligence technology can be adopted as the first line of defense

Get the report!

Whitepaper: Turkish Hacktivists Respond to US Sanctions: Anomali Labs Cyber Threat Brief

by Anomali, Oct 22, 2018

Escalation Between Turkey and the US Provokes a Response from Cyber Groups

The recent escalation in tensions between the United States and Turkey over the detention of pastor Andrew Brunson has prompted Turkish patriotic hacktivist groups to target American websites.

Historically, the two most prominent hacktivist groups, Aslan Neferler Tim (ANT) and Turk Hack Team (THT), have reacted to political issues impacting Turkey by targeting the perceived adversary with low-level nuisance attacks such as web defacements and Distributed Denial of Service (DDoS) attacks. As the political situation deteriorates, Anomali expects to see an increase in hacktivist-related activity targeting American websites.

This brief will run through a few key points of the escalation, with a focus on the Turkish hacktivist groups ANT and THT.

Read the brief for the latest on Turkey and US relations.

Whitepaper: WannaCry: One Year Later

by Anomali, Oct 01, 2018

This white paper analyses the WannaCry ransomware attack that occurred in May 2017. It delves into how things have evolved in the past year to observe whether companies and organizations have modified and changed to address the issues WannaCry highlighted. The report investigates the technical aspects of the attack, the consequences for organizations, and the lessons learned.

Good cybersecurity behaviors like immediately implementing critical patches to systems, utilizing multi-factor authentication, having cold backup storage that is frequently updated, and adequate training for employees are critical to reducing the likelihood of your organization being impacted by significant cyber-attacks.

It has been observed that organizations that utilize these practices and policies are at a considerably lower risk of being affected by threat actors. These practices effectively improve organizational security from a variety of fronts and remain the best way that companies can improve their cyber resilience.

Whitepaper: Email Spoofing a Threat to the 2018 Midterm Elections

by Anomali, Sep 13, 2018

Can Lightning Strike the US Elections Twice?

Based on the research findings, close to 96% of the evaluated State, District of Columbia, and Territory elections offices and online voter registration sites remain highly susceptible to email spoofing attacks.

Anomali Labs reviewed the last two years of election-related threat reporting from government agencies, vendors, and news media. We found that phishing and spear-phishing (highly personalized, targeted phishing) emails are often a precursor for obtaining unauthorized access to target systems and networks, presumably for election interference purposes.

The team evaluated and defined three authentication protocols, one DNS resolution security control, and two secure mail server controls. They recommend implementing email security controls such as SPF, DKIM, DMARC, STARTTLS, DNSSEC, and DANE to ensure the integrity and confidentiality of election site email systems and remove common attack vectors from threat actors' arsenals.

Review the findings before the midterms.