You are viewing 'threat intelligence'

The 2017 Global Threat Intelligence Report is out now

Jon-Louis Heimerl

April 25, 2017 - Posted by Jon-Louis Heimerl to Threat Intelligence

GTIR

We are excited to announce the publication of our new Global Threat Intelligence Report (GTIR). The report is our most comprehensive one yet. Analyzing content from NTT Group companies and data from our new Global Threat Intelligence Center, the GTIR highlights the latest phishing and ransomware attack trends, and the impact of today’s threats against global organizations.

Most cybersecurity reports are meant for security professionals. They are not intended for use by anyone without significant security knowledge and experience. But we have taken a different approach for this year’s GTIR. We want to provide a resource for educating everyone with security responsibilities, from security and IT professionals through to executives, management, and end users. In today’s... read more >

The NTT Security Global Threat Intelligence Center (GTIC)

Global visibility, leadership and roadmap empowering detection capabilities

Rob Kraus

April 11, 2017 - Posted by Rob Kraus to Threat Intelligence

Threat Intelligence

In a recent press release, NTT Security announced the formation of the Global Threat Intelligence Center (GTIC) as a natural evolution of the previously established Security Engineering and Research Team (SERT). As a founding member of the legacy SERT, and current director within the GTIC organization, I am excited to be part of this next great step.

This move marks a significant point in the future of NTT Security in its ability to address security threats, as NTT Security must bring together its international threat intelligence assets, to further enhance our global capabilities.

The GTIC’s mission, under the leadership of Steven Bullitt (VP Global Threat Intelligence), is to apply actionable and detailed insight with a focus on reducing risk for clients and customers. GTIC will... read more >

The NTT Security SERT Q4 ‘16 Threat Intelligence Report

Key points: decline in attacks, challenges in securing the retail industry, and an apparent increase in nation state-sponsored cyberattacks

Danika Blessman

January 26, 2017 - Posted by Danika Blessman to Threat Intelligence

NTT Security SERT Q4 Threat Intelligence Report

The NTT Security SERT (Security Engineering Research Team) released its Q4 ‘16 Threat Intelligence Report today.

During Q4 ’16, NTT Security researchers observed a noticeable shift in the types of attacks from previous quarters – particularly exhibited by a much narrower scope of attack vectors. Several vulnerabilities such as Oracle Server Backup in the retail industry and Linux password files in the finance industry were specifically targeted – likely indicative of criminals identifying specific flaws and crafting attacks to fit, a sign of more sophisticated and directed efforts.

This shift was also evident in an overall 35 percent decrease in total security-related events across client networks from Q3 ’16 to Q4 ’16, including continued declines of 25 percent in... read more >

DNS Threat Hunting

John Meyers

January 12, 2017 - Posted by John Meyers to Security Insight

DNS Threat Hunting

Recently, I read an article in SANS News Bytes about the Stegano malvertising campaign that was discovered by ESET Research. Instead of discussing this campaign in great detail, which ESET has already done, I am going to focus this blog on what you can do when information about a new malicious campaign becomes public.

One of the SANS News Bytes editors, Gal Shpantzer, recommended looking for the attack’s domain names in DNS logs. Most organizations do not retain their DNS traffic, but these can be a valuable source of information. In a corporate environment, having a historical record of traffic that traversed your network can aid in threat hunting, especially as new intelligence is made public. A SIEM is a... read more >

Malware Analysis in CRITs

Configuring Triage and Uploading Samples

Jacob Faires

November 03, 2016 - Posted by Jacob Faires to Security Insight

CRITs (Collaborative Research Into Threats) is a threat analysis platform that helps manage and track malicious actors, campaigns, and samples. Getting everything installed for CRITs can be a bit of a task, but the process is getting better. NTT Security has recently been using CRITs to aid in the analysis process. Setting up CRITs for triage is fairly straightforward. Today, I’m going to walk you through the configuration process.

Configure for Triage

Malware triage is the assessment of malware to determine severity and priority. Triage generally entails basic analysis of a sample in order to ascertain its nature and intent.

To configure triage in CRITs, access the Settings menu from the gear in the top left corner of the screen, and select Services under the CRITs Control Panel drop down.

... read more >

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | Older Entries >>

Voted one of the Best Computer Security Blogs 2016
NTT Security (US), Inc. (formerly Solutionary) is a security consulting and managed security services provider. The NTT Security blog is a place for IT professionals to both learn and talk about the latest in IT security and compliance.

Get the NTT Security Blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)

LATEST TWEETS