Cyber Daily FAQ

Where’s this data coming from?

The Recorded Future Cyber Daily email identifies specific technical indicators published recently that are currently trending in noteworthy ways. These IT security trends are culled from reporting by over 750,000 web sources across seven languages.

What’s the difference between this Cyber Daily and the one I receive as a customer?

The Cyber Daily Basic and Plus versions are complimentary resources for thousands of information security professionals. The Cyber Daily Enterprise version is for customers of Recorded Future only and includes organization of an increased data set. To learn more, please request a demo.

What are “Hits”?

The “Hit” count refers to the number of documents that reference that particular entity in Recorded Future’s data set during the previous 24 hours.

What defines “Related”?

Many sections contain a “Related” line. These values are products or technologies that appear prominently in the most recent reporting on this vulnerability. Some products and technologies come from Recorded Future’s curated taxonomies while others are detected based on language patterns. This is helpful in surfacing novel or less frequently discussed technology concepts, at the cost of some false-positive noise.

What defines “Top Threat Actors”?

This section highlights entities, both organizations and people, assigned a “threat actor” attribute that generated significant amounts of event reporting during the previous 24 hours.

What defines “Top Exploited Vulnerabilities”?

This section highlights identified vulnerabilities reported during the past 24 hours with language indicating malcode activity. These language indicators range from security research (“reverse engineering,” “proof of concept”) to malicious exploitation (“exploited in the wild,” “weaponized”). These vulnerabilities are usually different from the overall top vulnerabilities in the following section.

This section contains a “Related” line. Please refer to the preceding notes about this information.

What defines “Top Malware”?

This section highlights malware recently reported as used in cyber attack events. This section is oriented toward awareness of malware being reported as currently in use by threat actors.

This section contains a “Related” column. Please refer to the preceding notes about this information.

What defines “Top Suspicious IP Addresses”?

This section highlights IP addresses that have recently been reported with language indicating malicious activity. These language indicators include terms such as “malicious” and “exploit” or mention of IP addresses co-occurring with any malware entity.

We’ll apply an “Emerging” label next to any IP address which Recorded Future recently detected for the first time.

What editions of the Cyber Daily does Recorded Future offer?

Please review the table below.

Cyber Daily Edition
How Can I Get It?
What Does It Contain?
Cyber Daily (Free) Subscribe now. You get these top trending topics: Cyber News, Targeted Industries, Threat Actors, Exploited Vulnerabilities, Malware, and Suspicious IP Addresses.
Cyber Daily Plus (Free) Upgrade by referring two friends to subscribe to the Cyber Daily. You get the same Cyber News and Targeted Industries but double the indicators: Threat Actors, Exploited Vulnerabilities, Malware, and Suspicious IP Addresses.
Cyber Daily Enterprise (Paid) For customers. Request a demo. You get additional indicator types including top Targeted Companies and Operations.
Cyber Daily Custom (Paid) For customers. Request a demo. You get tailored threat intelligence to include specific threats to your company, partners, peers, and technologies.