See how zveloCTI aligns with the Pyramid of Pain IOCs to help assess the level of difficulty for tracking down an MCA within your environment.
Indicators of compromise (IOCs) are the pieces of evidence collected from host systems (e.g. laptops, servers, mobile phones), applications (e.g. databases), cloud-based capabilities, or networks when suspicious or malicious activity has been identified.
zvelo’s curated cyber threat intelligence data delivers rich metadata for highly contextualized IOCs and threat signals, which can be easily integrated into existing security tools and platforms (including SIEM, SOAR, EDR, MDR, XDR, etc.) for deeper analysis and enrichment by cyber defenders and threat analysts.
Common IOCs (listed in order from the easiest to assess to the most difficult) include file hashes, IP addresses, domain names, network/host artifacts, tools, and tactics, techniques, and procedures (TTPs). zvelo details how its threat detection feeds map to each of these IOCs within the Pyramid of Pain — a model cyber defenders use for Incident Response (IR) and threat hunting.
zvelo Releases Malicious Detailed Detection Feed with Rich Metadata and IOCs for Blocking and Threat Research on Malicious URLs and Files.
zvelo takes you behind the scenes of a phishing attack to show you the TTPs attackers use to gain network access and establish persistence. There is far more than meets the eye.
Weaponizing Excel 4.0 Macros (XLM) is an easy, reliable method attackers use to gain entry into a target network and establish persistence.
This article discusses Symbolic Link (SYLK) files and how the old method of data exchange is now being used to gain entry to organizations.
This is the first article of a three-part series where we examine phishing attacks that faded from popularity but are now resurging — in particular, malicious Office documents.
Malware Analysis uncovers hidden attackers actively exploiting your network, identifies latent infections and analyzes captured payloads.
Reduce your cyber threat risk by leveraging a Brand Vulnerability Assessment to identify the vulnerabilities and weaknesses which leave your brand exposed to attacks.
"Emotet: An In-Depth Document Analysis" is zvelo’s latest threat report, intended to help defenders understand Emotet’s initial infection mechanisms so they may better protect their organizations.
The intersection of infrastructure and influence creates linkages which may become discoverable and aid cyber defenders in catching MCAs.