Threat Intelligence

Actionable information and analysis to improve your ability to respond to attacks quickly

The Lastline Behavioral Intelligence Program

Lastline threat researchers investigate cyberattacks and publish unique, actionable information about advanced malware and threats in the form of targeted alerts and detailed reports.

Too many security tools ignore or misidentify the malicious behaviors that are essential to understanding the scope and intent of an attack. In contrast, the Lastline Behavioral Intelligence Program focuses on detailing the behaviors that advanced attacks exhibit. Armed with this information, your security team can secure your email, web, cloud, and network against advanced malware-based attacks faster, and with fewer resources.

Threat Intelligence Reports

Lastline Q4 2017 Malscape Monitor

Our premier malware report explains the levels, patterns and types of malicious activity reaching corporate networks. Security professionals can use this data to benchmark their organizations’ detection rates given the ever-evolving malware landscape to identify gaps in their security strategy.

Threat Alerts

Lastline Threat Alerts provide detailed descriptions of specific attacks, malware, and exploits, incorporating our unparalleled insight into the malicious behaviors engineered into any particular strain of malware.

Malware Landscape: K-12
May 2018
We analyzed the latest 100 malware samples that target the K-12 school environment. You might be surprised how many are a single piece of malware, NanoCore.

Cryptojacking, CryptoMining and the Rise of Monero
January 2018
Lastline is witnessing a tremendous increase in malware samples that have a cryptocurrency mining purpose. This Alert charts the ascension of Monero as the emerging cryptocurrency of choice.

Novel Excel Spreadsheet Attack Launches Password Stealing Malware Loki Bot
December 2017
Lastline uncovered a new attack vector initially launched through Microsoft Excel spreadsheets, and expanded into other Office applications. This Alert describes how the attack works, why it’s often dismissed as a false positive, and what typically happens during the initial days of the attack.

Malware Analysis–Mouse Hovering Can Cause Infection
September 2017
Cybercriminals recently developed a technique where, in some cases, malware can infect a device when the victim simply hovers their mouse over a malicious link. This Alert describes how it works, and steps security teams can take to prevent it.

A Deep Dive into the NotPetya Ransomware Attack
June 2017
This is a new variant of the Petya ransomware family that targets Windows systems. It has also been referred to as PetrWrap, GoldenEye, Petya.A, Petya.C, and PetyaCry. This Alert describes the scope of the attack, its behaviors, and how it spreads.

Lastline Maltoons™ (malware cartoons) are designed to increase general understanding of malware and how each strain of malware operates. Each Maltoon is an infographic that describes the origins, capabilities, and characteristics of a particular type of malware. We’ve also provided each Maltoon character and invite you to use it as part of your malware educational programs.

We’re adding Maltoons monthly, so check back to download the latest release.

Adwind – Information Stealer

njRAT – Surveillance malware

Loki – Credential Stealing malware

About the Lastline Behavioral Intelligence Program

The Lastline Behavioral Intelligence™ Program is a behavior-based approach to threat intelligence that improves security effectiveness, speed to remediation, and completeness of remediation. Lastline security experts investigate cyberattacks and make unique actionable information about malware and threats publicly available to improve security teams’ ability to detect and block attacks.

Existing systems are ineffective:

  • Enterprise incident response processes are broken – Because detected malware is described homogeneously, infected devices are poorly remediated, which increases the risk to organizations.
  • External threat intelligence feeds are fundamentally flawed – They lack the granularity to be truly helpful, and are overly focused on external data rather than internal activity.
  • Intrusion defenses are ineffective – They lack the ability to connect north/south alerts to east/west traffic, precluding the ability to understand the full scope of an attack.

Our unique approach, built on our core strength and differentiator – our insight into malicious behaviors and connecting them to intrusions and breaches – will provide otherwise unavailable analysis and information to inform security teams’ efforts to secure email, web, cloud, and networks.

Superior Protection, Easy to Use

With unmatched accuracy, protection at all malware entry points, and full visibility into malicious activity, Lastline is a compelling solution to defeat network breaches.