HYAS Introduces Free Insight Intel Feed and Weekly Threat Intelligence Reports

SOURCE: HYAS

HYAS has introduced a free Weekly Threat Intelligence Report, compiled by Threat Intelligence Security Engineer David Brunsdon. The report is a curated analysis of what the threat intel team has seen within the HYAS Insight threat intelligence and investigation platform over the week just passed. The weekly report will regularly focus on the malware families and the generators of malware command and control (C2) traffic that the HYAS team deemed most significant over the past week.

Analysis for the week of April 1, 2024 by Adam Lopez, Director of Solutions Engineering at HYAS noted that a review of the top ASNs and malware origins generating C2 communications reveals involvement of ISPs from South Korea (AS9318), Italy (AS8968), the UK (AS216309 and AS216319), and Japan (AS7684). This underscores the global nature of cybersecurity threats. Malware does not discriminate by geography, affecting ISPs worldwide, indicating the pervasive risk across different network infrastructures. A recurring theme is the presence of malware activity despite the ISPs’ reputations for quality service.

“This suggests that even well-managed networks can become vectors for malware dissemination, highlighting the importance of constant vigilance, sophisticated monitoring, and robust security protocols to detect and mitigate threats,” Lopez said.

“The identification of specific malware families (Amadey, Redline, Urelas, Sality, Stealc) indicates a range of cyber threats, from information stealers to polymorphic viruses, showcasing the complexity and adaptability of cyber adversaries. The diversity of these threats necessitates a multifaceted security approach, combining technical, procedural, and educational strategies to counteract them effectively.”

New, Free Threat Intelligence Feed

HYAS also introduced the free HYAS Insight Intel Feed, providing subscribers with ongoing access to actionable intelligence which leverages data from diverse authoritative sources, including exclusive and private datasets, to provide unparalleled insights into emerging threats.

HYAS Insight Intel Feed leverages data from diverse authoritative sources, including exclusive, private, and commercial datasets, to provide organizations with unparalleled insights into emerging threats. It incorporates information on IP addresses, domains, and other forms of infrastructure leveraged by threat actors to orchestrate malicious activities.

“We recognize the pivotal role of actionable intelligence in tipping the scales in favor of defenders,” said Chris Needs, vice president of product management at HYAS.

Among cybersecurity blue, red and purple teamer use cases:

– Intelligence enrichment and improved context for SOAR, TIP, and threat intel management programs

– Real-time IOC/observables for detection and blocklisting

– SIEM event correlation and analysis

– Improves SOC teams’ triage process, incident response, and threat hunting

– Provides cyber threat intelligence (CTI) teams previously unavailable insight and analysis

– Gives fraud teams meaningful, powerful new investigative abilities

The aim is to provide timely and relevant insights into exploited infrastructure, enabling security teams and organizations to enhance their security posture and proactively mitigate risks.

“Our award-winning threat intelligence solution HYAS Insight helps organizations all over the world answer their key cyber security questions faster and get proactive against the threats that they face.  This feed provides a subset of that unique intelligence so that everyone can benefit.” said HYAS CEO David Ratner. “Just as with our foundational BlackMamba and EyeSpy AI research and proofs of concept, we’re offering this intel free for the advancement of the cybersecurity community.”

Registration for the feed is free at: https://pages.hyas.com/hyas-insight-intel-feed-registration

Click here to view more IT Briefcase content!