We at Infoblox are happy to publish this version of our Quarterly Cyber Risk Intelligence Report. The Q1 2022 report contains our publicly launched menace intelligence experiences from January 1 to March 31, 2022. This quarter, we additionally share vital alerts, advisories, and experiences that CISA, the Federal Bureau of Investigation, and Nationwide Safety Company/Central Safety Service revealed throughout this quarter.
We put a particular highlight on utilizing MITRE ATT&CK to make clear the DNS assault floor and the way DNS safety can tackle these threats instantly.
We additionally highlight the state of cyber safety inside South Asia. We’ve just lately seen an assault upon Air India; the variety of cyber assaults in opposition to the federal government and companies in India has doubled previously three years. We current a latest case examine of the implementation of DNS safety by an e-commerce chief in India.
What’s within the Report
This publication dietary supplements our unique analysis and perception into threats we noticed main as much as and together with this time period. Our report features a detailed evaluation of superior malware campaigns and of latest vital assaults. In some instances, we share and develop on unique analysis revealed by different safety corporations, trade specialists, and college researchers. We really feel that well timed info on cyber threats is significant to defending the neighborhood at giant.
Normally, we report on particular threats and associated knowledge, buyer impacts, evaluation of marketing campaign execution and assault chains, in addition to vulnerabilities and mitigation steps. We additionally share background info on the assault teams probably accountable for the threats underneath assessment.
Right here is the hyperlink to obtain your copy of the Q1 2022 Cyber Risk Intelligence Report:
Throughout Q1 2022, the Infoblox Risk Intelligence Group revealed the next experiences which included intensive analysis on Ukrainian-themed campaigns:
- Cyber Risk Advisory: Formbook Deploys New Evasive Strategies
- Cyber Risk Advisory: Ukrainian Assist Fraud
- Ukraine-Themed Malspam Drops Agent Tesla
- “Ukraine warfare” Malspam Delivers Remcos
- Ukraine Rip-off Campaigns
Improve SecOps effectivity with complete menace intelligence
Our Q1 2022 Cyber Risk Intelligence report shares analysis on many harmful malware threats. Your safety effectiveness depends upon well timed, up-to-date menace intelligence. Utilizing instruments included in Infoblox BloxOne® Threat Defense, safety groups can gather, normalize and distribute extremely correct, multi-sourced menace intelligence to strengthen your complete safety stack. Extra capabilities will help SecOps to speed up menace investigation and response by as much as two-thirds.
Automation performs a key position in all capabilities in BloxOne Risk Protection, accelerating remediation and eliminating administration overhead. Automated responses may be triggered all through the safety ecosystem. Investigation and remediation are accelerated additional with entry to all related menace and community knowledge accessible in context.
Curated, multi-sourced menace intelligence
BloxOne Risk Protection offers you with entry to roughly 27 totally different menace feeds. Curation by the Infoblox Cyber Intelligence Unit (CIU) drives accuracy whereas minimizing false positives and lets you customise the combination based mostly in your wants. BloxOne Risk Protection collects, curates and aggregates menace info from Infoblox, your different industrial instruments and third-party authorities sources. A normalized “super-feed” can then be shared throughout the safety stack, doubtlessly growing the effectiveness of each protection.
Effectivity instruments for analysts
The File™ function of BloxOne Risk Protection offers a purpose-built menace analysis device. It presents an organized and easier option to examine a present menace, decide an efficient response or to easily analysis the highest threats to your group or the world on the whole.
Built-in third-party intelligence sources
A broad set of REST APIs allow you to ingest extra menace intelligence from third-party premium, public or personal menace feeds, additional enhancing your core menace intelligence. This functionality is especially highly effective for these taking part in menace intelligence change applications.
Please obtain the Infoblox complementary report right here: https://info.infoblox.com/resources-whitepapers-infoblox-q1-2022-cyberthreat-intelligence-report
For extra details about our paid menace intelligence companies and merchandise please go to https://www.infoblox.com/products/threat-intelligence/ or attain out on to our gross sales staff through https://www.infoblox.com/company/contact/.