IronNet Threat Intelligence

Updates and analysis on significant cybersecurity events from IronNet’s threat intelligence and research teams.

IronRadar

Nation-State
Cyber Threats

IronNet Threat
Research

More Sources of IronNet Threat Intelligence

IronRadar-logo-on-dark-white-text-500px

 

IronRadar is a purpose-built threat intelligence feed that enables cybersecurity teams to proactively block threats and improve detection by automatically ingesting data on the latest known - as well as new and unreported - attacker infrastructure.

IronNet tracks the creation of new malicious infrastructure for numerous post-exploitation toolkits, vulnerability scanners, and remote access trojans (RATs) through a unique fingerprinting process developed by our analysts, providing security operations, incident response, and cyber threat intelligence teams with everything they need to quickly detect C2 servers before they are used in an attack.

Nation-State Cyber Threats

Russia
IronNet-Threat intelligence-Russian Flag@2x
Russia

Russia

Updated as of February 2023

Marking the one year anniversary of Russia's invasion of Ukraine: Russia continues to target Ukraine in cyber attacks

  • CERT-UA releases alert stating it has recorded a number of targeted cyber attacks by the Russian APT Gamaredon on Ukrainian state authorities and critical information infrastructure.
  • CERT-UA releases alert stating Russia-linked actors (UAC-0056) breached multiple Ukrainian government websites, using a web shell that was created no later than December 23, 2021 to deploy multiple backdoors.
  • It was reported the Russian cyber espionage group known as Nodaria (UAC-0056) is using a new info-stealer called Graphiron against Ukrainian targets.

 

2022 Annual Threat Report

Threat Research from the IronNet Ecosystem

Our Annual Threat Report shares unique observations and analysis from our Threat Research Team, combined with intelligence drawn from the vast telemetry of the IronNet ecosystem and the services we offer. This provides crucial insight into the ever-evolving cyber threat landscape so security teams can be more proactive in their defenses while we continue to move the community together to collectively defend against cyber threats.

IronNet's Quarterly Threat Intelligence Reports

In our Q4 Threat Intelligence Report, IronNet analysts provide insight into cyber threat trends from October through December 2022.

IronNet Threat Research Blogs

More sources of IronNet Threat Intelligence

AlienVault Pulses
from IronNet

Get access to the AlienVault OTX pulses from IronNet to apply detection insights into your environment, including threat summaries, software targeted, and related indicators of compromise.

NOTE: You will need to log in on your first visit. Be sure
to sign up on AlienVault to receive IronNet Pulses via email.

Access IronNet’s GitHub

Get access to IronNet's GitHub for recent threat research and reporting from IronNet's Threat Research Teams on recent attacks.

Discover IronNet
for SOC Analysts

  • Do what you do, even better, with behavioral analytics
  • Learn practical ways to rule out false positives
  • Use detection tools that integrate with your existing cybersecurity stack