Featured Post

Transforming Threat Intelligence with Maltego + HYAS

Maltego is a popular data visualization tool that links data together in relationship graphs. The graphs are composed of entities that have unique properties. There are many link analysis tools capable of representing relationships in data, but a major benefit of Maltego is that users can seamlessly integrate data from disparate sources into an investigation by running Maltego Transforms that fetch new data and plot it on the graph as Entities. There are many fantastic sources of data that can be combined, accessible via the Maltego Transform Hub.

HYAS

April 15, 2021

Featured Post

Protective DNS with HYAS Protect: CISA/NSA Guidance

The National Security Agency (NSA) and Cybersecurity and Infrastructure Agency (CISA) have released a joint information sheet that offers guidance on the benefits of using a protective DNS service and how to choose and implement a protective DNS solution. This publication details the benefits of using a protective Domain Name System (PDNS) service along with cybersecurity best practices around protective DNS. HYAS™ Protect is not only a highlighted solution, but also one of the most innovative and effective. 

HYAS

March 29, 2021

Featured Post

Series B: Scaling the Paradigm Shift

Raising money is often anticlimactic --- the fundraising process is done, and it’s right back to execution and growth. It’s important to occasionally sit back and reflect.

David Ratner

February 25, 2021

Blog

Transforming Threat Intelligence with Maltego + HYAS

Maltego is a popular data visualization tool that links data together in relationship graphs. The graphs are composed of entitie...

HYAS

April 15, 2021

HYAS Insight: Detonating Malware, Understanding Adversary Command & Control

HYAS Insight continues to be instrumental to organizations wanting to understand the adversary infrastructure that is behind cyb...

HYAS

March 29, 2021

Protective DNS with HYAS Protect: CISA/NSA Guidance

The National Security Agency (NSA) and Cybersecurity and Infrastructure Agency (CISA) have released a joint information sheet th...

HYAS

March 29, 2021

Understanding Cyber Threats: Criminal Gangs, Nation-State Actors, and Script Kiddies

A Gartner analyst recently asked me what HYAS thought was the number of organized cybercriminal gangs operating around the world...

Todd Thiemann

March 22, 2021

HYAS Protect Integration with Microsoft Defender for Endpoint

HYAS Protect provides a leap forward by utilizing authoritative knowledge of attacker infrastructure including unrivaled domain-...

HYAS

February 26, 2021

Series B: Scaling the Paradigm Shift

Raising money is often anticlimactic --- the fundraising process is done, and it’s right back to execution and growth. It’s imp...

David Ratner

February 25, 2021

Lazarus Group “Operation Dream Job”: Lessons in Attack Infrastructure

The Lazarus Group (aka Hidden Cobra, Labyrinth Chollima, Zinc, Guardians of Peace) is a threat actor group that has been attribu...

HYAS Intel Team

February 11, 2021

Inside Ryuk Crime (Crypto) Ledger & Asian Crypto Traders

The following article is co-authored by threat intelligence researchers from HYAS and Advanced Intelligence and cross-posted to ...

HYAS Intel Team

January 7, 2021

The SolarWinds Hack: Understanding The Adversary Infrastructure

The capabilities and possible victims of the recent SolarWinds hack and the SunBurst backdoor are becoming clearer as the cybers...

HYAS Intel Team

December 23, 2020

Mapping Adversary Infrastructure: A Real-world (North Korean) Example

The news article “Hackers use fake media domains to trick North Korea researchers” by Nils Weisensee appeared in NKNews.org on D...

HYAS Intel Team

December 22, 2020

Simplifying Threat Investigations: New HYAS Insight Playbooks for Microsoft Azure Sentinel

The HYAS Insight Logic Apps connector for Microsoft Azure Sentinel was announced and generally available in October and is alrea...

HYAS

December 9, 2020

DNS: The High Fidelity but Underutilized Threat Signal

Malware in general, and ransomware in particular, is the scourge of enterprises today. You can look at the headlines around inci...

Todd Thiemann

December 1, 2020

Threat Reports

Lazarus Group “Operation Dream Job”: Lessons in Attack Infrastructure

The Lazarus Group (aka Hidden Cobra, Labyrinth Chollima, Zinc, Guardians of Peace) is a threat actor group that has been attribu...

HYAS Intel Team

February 11, 2021

Inside Ryuk Crime (Crypto) Ledger & Asian Crypto Traders

The following article is co-authored by threat intelligence researchers from HYAS and Advanced Intelligence and cross-posted to ...

HYAS Intel Team

January 7, 2021

The SolarWinds Hack: Understanding The Adversary Infrastructure

The capabilities and possible victims of the recent SolarWinds hack and the SunBurst backdoor are becoming clearer as the cybers...

HYAS Intel Team

December 23, 2020

Mapping Adversary Infrastructure: A Real-world (North Korean) Example

The news article “Hackers use fake media domains to trick North Korea researchers” by Nils Weisensee appeared in NKNews.org on D...

HYAS Intel Team

December 22, 2020

Latest Roaming Mantis Campaign Targets Banks in Japan and Turkey

Summary Roaming Mantis is a Chinese-speaking threat actor group that has been active since at least 2017. The group primarily ta...

HYAS Intel Team

December 14, 2020

The “Silent Night” Zloader/Zbot

ZeuS is probably the most famous banking Trojan ever released. Since its source code leaked, various new variants are making the...

HYAS Intel Team

May 21, 2020

Fraud-as-a-Service In The Time Of COVID-19

Any catastrophe is an opportunity for cybercriminals, and coronavirus/COVID-19 is no exception. Given public concern about the p...

HYAS Intel Team

April 17, 2020

Magecart Group 4 – A link with Cobalt Group?

Note: This blog post is a collaboration between the Malwarebytes and HYAS Threat Intelligence teams.

HYAS Intel Team

October 4, 2019

Hunting APT33 Campaign Infrastructure

Geopolitical risk is just one of many considerations that global enterprises and institutions must factor into their businesses,...

HYAS Intel Team

September 20, 2019

CVE-2017-0199 Targeting Brazilian Users

Recently we came across an interesting sample that warranted further investigation. The file in question was named “Reservar Gru...

HYAS Intel Team

September 10, 2019

New Advanced Phishing Kits Target Digital Platforms

The difference between an obvious phish and a successful one is often the technical skill and attention to detail of the phish’s...

HYAS Intel Team

July 10, 2019

Exploring a Lokibot and Azorult Actor’s Infrastructure

Investigating attacker infrastructure is the bread and butter of HYAS Comox. One of the routine tasks we need to do as investiga...

HYAS

June 15, 2019