This blog is authored by Neil Jenkins (CTA) and Kendall McKay (Cisco Talos, and lead author on the Threat Assessment) Today, the Cyber Threat Alliance (CTA) released the 2020 Summer Olympics Threat Assessment (updated April 2021), our first event-specific threat report focused on cyber risks to this…
Since the founding of CTA, our automated threat intelligence sharing platform has been the beating heart of our day-to-day mission. We are delighted to announce that our most significant update to that platform to-date, code-named Project Magellan, is now complete. Our diverse and growing membership (25 companies as of…
Tell us a little about yourself. What was your background before coming to CTA? Prior to joining the CTA in February 2017, I served as a Special Assistant to President Obama and as Cybersecurity Coordinator on the National Security Council Staff. In this role, I was responsible for leading…
Co-authored by Neil Jenkins and Natasha Cohen In May 2018, Cisco Talos shared threat indicators and analysis with other CTA members around a new threat: VPNFilter. VPNFilter is a sophisticated modular malware system that targeted networking equipment, ultimately infecting at least 500,000 devices at its peak. Its activity was…
On May 23, 2018, Cisco’s Talos Intelligence Group publicly exposed a new malware threat they dubbed VPNFilter. VPNFilter is a sophisticated modular malware system targeting networking equipment all over the world. This malware allowed for theft of website credentials, collection of data, injection of malicious content into network traffic…
In April, we blogged about CTA’s role in disrupting malicious cyber activity. We introduced the idea of routinely bringing our members together to develop Joint Analysis reports on specific threats and campaign activity, the same way our early members came together to report on the threat from Cryptowall…
On May 23, 2018, Cisco’s Talos Group released a blog on a new sophisticated modular malware system called “VPNFilter.” This malware is targeting networking equipment all over the world and has recently begun a large-scale infection of devices in Ukraine. VPNFilter is troubling for a number of reasons, as…
CTA was absolutely thrilled to have recently celebrated our first anniversary just a few weeks ago during the RSA Conference. We highlighted strong growth in membership, in staff, and in the amount of cyber threat information we shared at machine speed on a daily basis. Our first year…
Since our founding last year, we’ve been busy. Our membership has more than doubled by growing from six to seventeen members; sharing on the platform has increased in terms of total volume and in the amount of context included; and we have built up our staff to support the mission. We’ve…
Previously in this series of blog posts, we discussed the steps that organizations can use to improve their cybersecurity and we looked at how cybersecurity companies need to share information to enable more effective network defense. When cybersecurity companies share contextualized technical indicators at speed and at scale and use…