Recorded Future announced Friday acquiring malware analysis firm Hatching. ("Cash Money (part two)" by jtyerse is licensed under CC BY-NC-ND 2.0)Threat intelligence company Recorded Future on Friday announced that it acquired Hatching, a company that offers Triage, a sandboxing technology that delivers high-performance malware analysis. A purchase price was not disclosed.The merger aims to offer Recorded Future customers with better visibility into active malware campaigns in the wild, improved attribution, and a critical edge against adversaries that use malicious software to disrupt business operations.“By combining Hatching’s automated malware analysis capabilities with Recorded Future intelligence …our clients will now have an intelligence advantage against malware exploits, one of the most pervasive threats facing every organization,” said Christopher Ahlberg, co-founder and CEO of Recorded Future. “
When done correctly, threat intelligence offers insight into past observed scenarios and emerging threats to an environment, said Andy Gill, senior security consultant at LARES Consulting. Gill said the underlying importance is actionable intelligence rather than threat actor or tactics, techniques, and procedures bingo.
“Combining this with malware analysis and lessons learned on that front will enable an analyst to provide a complete picture of the threat landscape,” Gill said. “It may also potentially link the malware to known threat groups. Additionally, it allows for better observations to be made on the behavior of the malware and the ability to identify and cross-reference similarities with other families of similar malware.”Jon Oltsik, senior principal analyst and ESG Fellow said he thought this acquisition by Recorded Future was a very good fit.“Recorded Future can provide intelligence ‘around’ malware – who the adversary is, the infrastructure they use, and IoCs, but in the past, they would rely on a third-party for malware analysis,” Oltsik explained. “This acquisition makes Recorded Future a one-stop-shop for a large portion of an organizations cyber-threat intelligence needs.”John Bambenek, principal threat hunter at Netenrich, added that threat intelligence should always strive to get insights throughout the life-cycle and techniques used by attackers.“Malware remains a significant component of the overall attack behavior and those insights can help drive protective and detection techniques,” Bambenek said.
Apache Tomcat Manager interfaces have experienced a significant increase in attempted brute-force and login attacks on June 5, according to The Hacker News.
Threat actors previously associated with the Black Basta ransomware gang have continued leveraging Microsoft Teams phishing alongside Python script execution in new intrusions, indicating the ongoing regrouping of the ransomware operation following a steep decline stemming from its internal chat log leak earlier this year, The Hacker News reports.
Dozens of scam centers that have amassed nearly $225 million from illicit activities have been dismantled as part of the Singapore-led Operation Frontier+ law enforcement effort, which also led to the apprehension of over 1,800 individuals involved in various schemes, reports The Record, a news site by cybersecurity firm Recorded Future.
