How to Improve Cyber Threat Investigations with TI Lookup

Nov. 13, 2024, 12:28 p.m.

Description

This article discusses the use of Threat Intelligence (TI) Lookup, a centralized service for threat data exploration and analysis. It highlights key features such as fast search results, extensive search parameters, and access to a large database of malware and phishing samples. The article explains how TI Lookup sources data from public submissions and provides several use cases, including checking suspicious IP addresses, identifying malware families using mutexes, uncovering threats using file paths, connecting unrelated data points, and collecting fresh samples with YARA rules. The tool's ability to provide quick results and offer a wide range of search options makes it valuable for cybersecurity professionals.

External References

https://any.run/cybersecurity-blog/how-to-improve-cyber-threat-investigations/
https://otx.alienvault.com/pulse/6734869ecdcf1c0639fa326f
Tags
phishing
remcos
stealc
cybersecurity
lumma
malware analysis
threat intelligence
agenttesla
yara rules
2024-11-13
darkvision
sandbox
ioc

Date

  • Created: Nov. 13, 2024, 10:59 a.m.
  • Published: Nov. 13, 2024, 10:59 a.m.
  • Modified: Nov. 13, 2024, 12:28 p.m.

Attack Patterns

  • DarkVision
  • Remcos
  • Lumma
  • Stealc
  • AgentTesla