6 of Our Most-Read Analysis Pieces From 2015

Where We’ve Been

Threat intelligence, in the cyber security realm, has grown steadily as a key function over the past few years. Security experts have long known that understanding one’s adversaries and the tactics, techniques, and procedures (TTPs) they use is beneficial to identifying threats. It’s getting in front of the threat, though, that has been the problem. As an under-staffed, under-funded department, security’s legacy is in chasing threats, exploits, and breaches.

Enter 2015: Over the last year it seems that everywhere you turn — in security, in the mainstream media, in corporate boardrooms — someone is talking about how to proactively search for clues on cyber attackers’ plans and motivations. No one wants to be the next victim, and certainly not the latest headline; avoiding the spotlight is best achieved through a mature threat intelligence program.

What’s Hot

You, our customers and readers, have proven with your clicks and views that threat intelligence is top-of-mind.

Data analysis is what we do best, so Recorded Future analyzed our own Web and blog traffic and found that you most want to read about new trends — but not the same old lame predictions about security gaining more attention at the board level or how there’s a shortage of security talent. Those are important topics, too, but our traffic indicates that security professionals want to understand:

• How attackers are operating.
• Where their efforts are focused.
• Who their next target will be.
• What information they most value.
• What concrete data has been found that indicates a threat or an executed exploit.

Recorded Future’s top threat intelligence blog posts from 2015 are:

Gone in a Flash: Top 10 Vulnerabilities Used by Exploit Kits: Recorded Future analyzed thousands of Web sources and identified the top vulnerabilities used by exploit kits; Adobe Flash dominates the list with 8 out of 10.

Stripping Tor Anonymity: Database Dumps, Illegal Services, Malicious Actors: Through link and network analysis of our data, Recorded Future ties the use of Tor exit nodes to the use of illegal services and specific malicious actors.

Iranian Hackers’ Rising Interest in Targeting Android Systems with DroidJack, AndroRAT: Recorded Future’s latest threat intelligence from the Web shows that threat actors on Iranian hacking forums are distinctly interested in targeting Android systems.

Hacker Forum Traffic Analysis: ‘Patch Tuesday … Exploit Wednesday’ and Other Patterns: In this post, Recorded Future analyzes a prominent Russian hacker forum at message traffic level to determine whether forum participants pose a threat.

New Reports Identifies Government Credentials on the Open Web: Recorded Future identified the possible exposures of login credentials for 47 U.S. government agencies across 89 unique domains.

Lizard Squad: Two Bot Thugs: Recorded Future analyzed Web activity related to Lizard Squad to provide insight into how the hacker group operates and the threats they may cause.

It seems that you, too, are data junkies like us, because all of these posts focus on proprietary data collection and analysis conducted by Recorded Future, and reveal new threat intelligence trends or indicators of compromise.

The Road Ahead

If one thing is clear from the past year, it’s that security needs to be more proactive and forward-thinking; it’s what we’ve built our product around, after all! So we’re not stopping in 2015, and we hope you come along with us into 2016.

We’ll continue to publish detailed research findings on our blog and work with our partners to develop innovative methods of delivering actionable threat intelligence to the market. As long as threats are emerging, Recorded Future will continue to create threat intelligence from Web data to help you stay ahead of cyber attacks.

Want to chat about which threat intelligence trends are impacting your company and industry? Contact us today and learn how to find your attackers before they find you.