Get a 360° view of malware and ransomware in minutes with Malware Insights Cards

Triage new malware or ransomware faster with Feedly's Malware Insights Cards, providing a 360° view with summary, activity trend, entity relationships, & news.

Aug 16, 2024 - 13:10

Jumpstart analysis with summaries, trends, threat actor links, CVEs, TTPs, and reports.

15-second summary

Understanding malware can be exhausting, requiring research, code analysis, behavioral analysis, and more. Getting a quick understanding of the malware’s target and potential impact can help you prioritize and move faster through analysis, detection, and mitigation.

With Feedly’s Malware Insights Cards, you can:

  • Respond to RFIs quickly. View near real-time activity spikes and advanced summaries updated with the latest information about the malware, all in one place.
  • Understand malware relationships. Examine links to threat actors, CVEs, TTPs, and detection rules that have been discovered and correlated in the Feedly Threat Graph.
  • Dive deeper. Read sources including intelligence reports and malware analysis reports to establish deeper knowledge and pivot to Threat Actor or CVE Insights Cards.

Malware Insights Cards are created for every new malware or ransomware identified and updated in real time as new information is published. They help you quickly triage and prioritize your work so you can focus on the most urgent risks.

Challenge: Identifying and triaging malware risks

Over one billion malware programs are in circulation. Most of these are derivatives of known malware families with established defenses. Yet threat actors change tactics, and dozens of new malware families are introduced each year.

With limited time and resources, analysts can’t afford to deeply analyze every new malware or ransomware program targeting their sector. It’s important to quickly understand the nature of the threat and its potential impact to help triage the risk and prioritize the next steps.

Let’s break the problem into two parts: identifying new malware or ransomware that requires evaluation and performing the initial triage.

Within Feedly for Threat Intelligence, there are several ways you can identify new malware/ransomware or changes to how it’s being used. Here are a couple of links to help you learn more:

The rest of this blog will focus on using the Malware Insights Cards to gain a quick 360° view of malware and ransomware, which can help you prioritize the next steps.

Respond to RFIs quickly: Review Malware Insights Cards to get a quick view of a malware or ransomware family

Imagine your manager asks you to research a new malware family she heard about in the news. Rather than searching the web for bits and pieces of information, you can use the Malware Insights Card to get up to speed quickly. It shows an advanced summary description, activity spikes, associated relationships, and sources. You can filter the analysis by date and export the Malware Insights Card as a PDF to send to your boss.

Malware Insights Card showing the summary, aliases, and trend activity over the last 90 days.

Understand malware relationships to threat actors, CVEs, TTPs, and detection rules

What makes the Malware Insights Card most valuable is that Feedly collects and correlates information about the malware and ransomware with other entities and objects, simplifying your research. Examine links to threat actors, CVEs, TTPs, and detection rules associated with the malware.

Malware Insights Card showing relationships to threat actors, TTPs, CVEs, and related detection rules.

Dive deeper into sources and pivot to other content like CVE Insights Cards

Once you have an initial understanding of the malware or ransomware, dive deeper into trusted sources to learn more. Research detection techniques or understand how TTPs are used with the malware in attacks. Sources can include threat intelligence reports or articles from trusted sites. You can also pivot to related threat actors or CVEs by clicking on a Threat Actor or CVE Insights Card.

From the Malware Insights Card, you can easily open CVE Insights Cards, Threat Actor Insights Cards, and relevant articles to help you triage risk and plan your analysis activities.

Jumpstart your malware and ransomware research

Whether it’s the discovery of a new malware family or the new usage of ransomware by a threat actor on your watchlist, Malware Insights Cards can help you quickly triage the risk. Malware Insights Cards are created for every new malware or ransomware identified and updated in real time as new information is published. They save time, helping to jumpstart your analysis so you can focus on the most urgent risks.

Try Malware Insights Cards

Quickly understand malware and ransomware to better prioritize your analysis activities and save time.

Start triaging malware faster
