Blog

At the heart of the Cyber Threat Alliance (CTA) is a commitment to improve cybersecurity defenses across the global information ecosystem. Our sharing of automated threat intelligence and collective engagement on unique cyber threats are critical aspects of this mission. Over time, CTA’s early sharing program has grown to be another valuable and important part […]

Written by Ryan Olson, Vice President Threat Intelligence (Unit 42), Palo Alto Networks Through this new series of guest blogs, we hope to shine a light on the day-to-day role that our members play in shaping and supporting the work of CTA. We have invited our member companies to share blog posts exploring how they […]

Earlier this week, CTA announced that we would join 12 other non-profit organizations to support the Global Cyber Alliance “Work From Home. Secure Your Business.” campaign. This effort is focused on shoring up the defenses of a newly remote workforce during the ongoing disruption to our regular lives as a result of the COVID-19 pandemic. […]

This blog is authored by Neil Jenkins (CTA) and Kendall McKay (Cisco Talos, and lead author on the Threat Assessment) Today, the Cyber Threat Alliance (CTA) released the 2020 Summer Olympics Threat Assessment (updated April 2021), our first event-specific threat report focused on cyber risks to this summer’s Tokyo Games. This report was written by […]

Since the founding of CTA, our automated threat intelligence sharing platform has been the beating heart of our day-to-day mission. We are delighted to announce that our most significant update to that platform to-date, code-named Project Magellan, is now complete. Our diverse and growing membership (25 companies as of January 2020) contributes millions of curated […]

Tell us a little about yourself. What was your background before coming to CTA? Prior to joining the CTA in February 2017, I served as a Special Assistant to President Obama and as Cybersecurity Coordinator on the National Security Council Staff. In this role, I was responsible for leading the development of national cybersecurity strategy […]

Co-authored by Neil Jenkins and Natasha Cohen  In May 2018, Cisco Talos shared threat indicators and analysis with other CTA members around a new threat: VPNFilter. VPNFilter is a sophisticated modular malware system that targeted networking equipment, ultimately infecting at least 500,000 devices at its peak. Its activity was ultimately severely degraded due to coordinated […]

On May 23, 2018, Cisco’s Talos Intelligence Group publicly exposed a new malware threat they dubbed VPNFilter. VPNFilter is a sophisticated modular malware system targeting networking equipment all over the world. This malware allowed for theft of website credentials, collection of data, injection of malicious content into network traffic as it passes through an infected […]

In April, we blogged about CTA’s role in disrupting malicious cyber activity. We introduced the idea of routinely bringing our members together to develop Joint Analysis reports on specific threats and campaign activity, the same way our early members came together to report on the threat from Cryptowall Version 3 in 2015. Our goal with […]

On May 23, 2018, Cisco’s Talos Group released a blog on a new sophisticated modular malware system called “VPNFilter.” This malware is targeting networking equipment all over the world and has recently begun a large-scale infection of devices in Ukraine. VPNFilter is troubling for a number of reasons, as it allows for theft of website […]