Kaspersky Labs recently released a report describing a coordinated attack focused on industrial…


Kaspersky Labs recently released a report describing a coordinated attack on industrial companies that targeted some 500 companies in 50 countries. The attackers gained an initial foothold through spearphishing emails whose attachments carried malicious payloads. Kaspersky's analysis also categorizes the malicious attachments into various Remote Access Toolkits (RATs) such as Pony, njRAT, JRAT and others.

We analyzed the IoCs released in the Kaspersky report, cross-referenced them against TruSTAR incident reports, and found correlations with reports dating back to May 2016. The analysis also provided contextual enrichment and attacker details that help you go beyond just blocking and tackling based on the IoCs.

To make all this analysis more useful, we have submitted a curated version of the Kaspersky IoCs to the COMMUNITY, and you can analyze these correlations in TruSTAR Station. You can also export the correlated IoCs (FireEye Tap, STIX, CSV) and add them to your firewall/IPS/SIEM to monitor your infrastructure. We also recommend you submit the IoCs from this report to your enclave and see how they correlate with your own data.

If you see something interesting, we would love for you to get in touch with us, or even release your own insights to the community. We will roll out an upgraded version of chat next week so we can begin to have a dialogue about these reports and events going forward. The upgraded version of chat will include alerts and notifications for reports of interest, and we will be adding more capabilities over the next few weeks.
