You are viewing 'threat intelligence'
We are excited to announce the publication of our new Global Threat Intelligence Report (GTIR). The report is our most comprehensive one yet. Analyzing content from NTT Group companies and data from our new Global Threat Intelligence Center, the GTIR highlights the latest phishing and ransomware attack trends, and the impact of today’s threats against global organizations.
Most cybersecurity reports are meant for security professionals. They are not intended for use by anyone without significant security knowledge and experience. But we have taken a different approach for this year’s GTIR. We want to provide a resource for educating everyone with security responsibilities, from security and IT professionals through to executives, management, and end users. In today’s... read more >
Global visibility, leadership and roadmap empowering detection capabilities
In a recent press release, NTT Security announced the formation of the Global Threat Intelligence Center (GTIC) as a natural evolution of the previously established Security Engineering and Research Team (SERT). As a founding member of the legacy SERT, and current director within the GTIC organization, I am excited to be part of this next great step.
This move marks a significant point in the future of NTT Security in its ability to address security threats, as NTT Security must bring together its international threat intelligence assets, to further enhance our global capabilities.
The GTIC’s mission, under the leadership of Steven Bullitt (VP Global Threat Intelligence), is to apply actionable and detailed insight with a focus on reducing risk for clients and customers. GTIC will... read more >
Key points: decline in attacks, challenges in securing the retail industry, and an apparent increase in nation state-sponsored cyberattacks
During Q4 ’16, NTT Security researchers observed a noticeable shift in the types of attacks from previous quarters – particularly exhibited by a much narrower scope of attack vectors. Several vulnerabilities such as Oracle Server Backup in the retail industry and Linux password files in the finance industry were specifically targeted – likely indicative of criminals identifying specific flaws and crafting attacks to fit, a sign of more sophisticated and directed efforts.
This shift was also evident in an overall 35 percent decrease in total security-related events across client networks from Q3 ’16 to Q4 ’16, including continued declines of 25 percent in... read more >
Recently, I read an article in SANS News Bytes about the Stegano malvertising campaign that was discovered by ESET Research. Instead of discussing this campaign in great detail, which ESET has already done, I am going to focus this blog on what you can do when information about a new malicious campaign becomes public.
One of the SANS News Bytes editors, Gal Shpantzer, recommended looking for the attack’s domain names in DNS logs. Most organizations do not retain their DNS traffic, but these can be a valuable source of information. In a corporate environment, having a historical record of traffic that traversed your network can aid in threat hunting, especially as new intelligence is made public. A SIEM is a... read more >
Configuring Triage and Uploading Samples
CRITs (Collaborative Research Into Threats) is a threat analysis platform that helps manage and track malicious actors, campaigns, and samples. Getting everything installed for CRITs can be a bit of a task, but the process is getting better. NTT Security has recently been using CRITs to aid in the analysis process. Setting up CRITs for triage is fairly straightforward. Today, I’m going to walk you through the configuration process.Configure for Triage
Malware triage is the assessment of malware to determine severity and priority. Triage generally entails basic analysis of a sample in order to ascertain its nature and intent.
To configure triage in CRITs, access the Settings menu from the gear in the top left corner of the screen, and select Services under the CRITs Control Panel drop down.
... read more >