Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

5/23/2017
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Kaspersky Lab Launches Threat Intelligence Portal

The security firm creates a single point of entry for its Kaspersky Threat Data Feeds, APT Intelligence Reporting, and Kaspersky Threat LookUp.

Woburn, MA – Kaspersky Lab has announced the launch of its Threat Intelligence Portal, the ultimate web service to help businesses access the most relevant threat information to aid their everyday struggles against complex cybercrime. With the portal, security operation center operators will be able to work more efficiently while facing hundreds and thousands of threat alerts.

The Threat Intelligence Portal will provide Kaspersky Lab’s Security Intelligence Services subscribers with a single point of entry to Kaspersky Threat Data Feeds, APT Intelligence Reporting and Kaspersky Threat LookUp. Companies will have immediate access to both the very latest and historical threat intelligence to help them combat cyber-attacks before they impact their organization. This will help improve incident response times and forensic capabilities by giving security teams meaningful and insightful information about threats and their make-up, in order to take the right response before systems and data are compromised.

Threat intelligence is of crucial importance to companies in their everyday struggle with complex threats. It allows businesses to keep up to date with the evolving landscape before technical threat descriptions become publicly available. This access to constantly updated information from expert sources and the very latest APT Intelligence reports means that an effective and swift response can be taken to overcome potential threats, through improved visibility of criminal and cyberespionage tactics, techniques and procedures available in human and machine readable formats such Indicators of compromise (IoC) and Yara rules.

Since 2016, Kaspersksy Lab has published more than 100 APT Intelligence reports to help companies better understand cyber risks. As well as these reports, Kaspersky Threat Lookup will also be accessible through the Threat Intelligence Portal. This powerful web service provides interactive access to five petabytes of cyber threat intelligence information, collected and categorized by Kaspersky Lab machine learning and expert systems over more than 10 years. This provides security operation center teams the ammunition they need to historically and geographically drill down adversaries activities and malicious behavior across the internet.

Also available on the Threat Intelligence Portal are Kaspersky Threat Data Feeds. These continuously updated feeds – including the IP Reputation, the Threat Hash, and Threat URL feeds – provide security teams with access to up to date information about current risks, and the implications associated with cyber threats. With this insight and continually updated indicators of compromise, security teams will have a greater understanding of the intent and capabilities of threats in order to bolster their network defense solutions - including SIEMs, firewalls and DNS solutions – to ensure a robust and effective response. Moreover, the Threat Intelligence Portal has a tailored interface and rich API for external SIEMs integration, to ensure the most efficient incident investigation and cyber threat hunting.

To celebrate the launch of the Threat Intelligence Portal, customers subscribing to APT Intelligence Reports, Kaspersky Threat Lookup or Kaspersky Threat Data Feeds, will receive a bonus pilot subscription to other services available on the Threat Intelligence Portal. In addition, in Q4 of 2017, Botnet Tracking and Phishing Tracking services will also be available via the portal.

"At Kaspersky Lab we believe passionately in the importance of threat intelligence as a means for safeguarding the business community against emerging cyber threats," said Veniamin Levtsov, vice president, enterprise business at Kaspersky Lab. "The more insight and context around new and emerging threats that we can share with security teams, the more prepared and aware our customers will become – in order to effectively defend themselves against all known threats. We are pleased to announce the launch of the Threat Intelligence Portal as a convenient, integrated tool that companies can use to ensure they detect threats, before it is too late."

With businesses today increasingly being threatened by cybercrime, and with half of firms across the globe worried about becoming the victim of targeted attacks (49%), the need for cyber intelligence sharing has never been greater.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Where Businesses Waste Endpoint Security Budgets
Kelly Sheridan, Staff Editor, Dark Reading,  7/15/2019
US Mayors Commit to Just Saying No to Ransomware
Robert Lemos, Contributing Writer,  7/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17210
PUBLISHED: 2019-07-20
An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. The core components that create and launch a print job do not perform complete verification of the session cookie that is supplied to them. As a result, an attacker with guest/pseudo-guest level permissions can bypass t...
CVE-2019-12934
PUBLISHED: 2019-07-20
An issue was discovered in the wp-code-highlightjs plugin through 0.6.2 for WordPress. wp-admin/options-general.php?page=wp-code-highlight-js allows CSRF, as demonstrated by an XSS payload in the hljs_additional_css parameter.
CVE-2019-9229
PUBLISHED: 2019-07-20
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.251. An internal interface exposed to the link-local address 169.254.254.253 allows attackers in the local network to access multiple quagga VTYs. Attackers can...
CVE-2019-12815
PUBLISHED: 2019-07-19
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
CVE-2019-13569
PUBLISHED: 2019-07-19
A SQL injection vulnerability exists in the Icegram Email Subscribers & Newsletters plugin through 4.1.7 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.