This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties. Members and Law enforcement use only. Contact us for any permissions. To do otherwise will result in the loss of membership.
Complete Story
11/13/2018
Has Hunting: Why File Hashes are Still Important
The State of Security
According to Gartner, threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications and actionable intelligence.
When security research teams or government agencies release threat intelligence reports, some of the more tactical actionable intelligence is in the indicators. These indicators include (but are not limited to) IP addresses, domain names, file names or file hashes. The end goal of providing this level of detail is so defenders can either provide mitigating steps in place to block malicious behavior or to use this information to search for evil within their organization.
I like to think of indicators as threat information rather than threat intelligence. Without additional context, such as time or intended targets, the indicators can be worthless. Time is an important one because indicators can be modified very quickly by an adversary.
Alerts
The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.
more information
Resources
Your electronic library to help in fighting financial fraud for all of our partners.
more information