ReversingLabs Ransomware & Related Tools Threat Intelligence List
This threat intel list includes fresh indicators from not only ransomware but the tools used to gain access and deploy ransomware enabling defenders the opportunity to discover adversaries initial network access and lateral movement before their data is encrypted. Our threat intelligence researchers analyze ransomware attack trends and the security landscape to ensure that only the most up to date and relevant malware families are dissected to create technical indicators. This integration is available for download here on the ThreatConnect Marketplace.
- Indicators from multiple stages of typical attacks allow for early detection and the ability to reduce damage associated with IP theft and ransomware attacks
- Aggressive aging of the indicators ensures only relevant indicators are active in the list
- Extensive post processing of indicators eliminates or reduces confidence on indicators likely to produce false positives
- Indicators such as IP, Domain and Hash include tagging to give additional context such as MITRE ATT&CK, network parameters, attack stage and malware family name.
ReversingLabs is the leading provider of explainable threat intelligence solutions that dissect complex file-based threats for enterprises stretched for time and expertise. Its hybrid-cloud Titanium Platform enables digital business resiliency, protects against new modern architecture exposures, and automates manual SOC processes with a transparency that arms analysts to confidently take action and hunt threats.