Skip to main content
Skip table of contents

20231114.1

What’s New in HYAS Insight!

HYAS Malware Detonations

As part of this release, we have built significant improvements in our malware detonation infrastructure.  HYAS detonates malware throughout the day.  We leverage the resulting malware family data, adversary C2 infrastructure, and other intelligence to drive improvements in our Recent Malware Intelligence module.  We also surface up this intel in other supporting areas like passive hash, malware samples, and tags throughout HYAS Insight.

In coming releases we will continue to roll out new features based upon this malware detonation infrastructure.

Benefits:

  • Actionable intelligence on current malware, ransomware, and related threats

  • Correlation with threat intelligence across HYAS Insight

Malware Tags for IPs and Domains

As part of the improvements to our malware detonation infrastructure, we are extracting tags and better contextualizing IOCs across HYAS Insight.  Keep an eye out for new tags on malware types (infostealer, trojan), malware families (Agent Tesla, Mirai, Nanocore), and threat actor techniques (evasion).  These tags appear as blue "system tags."

Benefits:

  • Improved context to better under the threat

  • Get guidance from the tags to reduce investigation time

  • Help close the skills gap

Recent Malware Infrastructure

We have refreshed our previous Recent Malware Sample DNS with a new Recent Malware Infrastructure capability that displays a running list of our malware detonations and related C2 domains and IPv4s.  Get there by using the malware icon in the top-level navigation menu.  Note that only the first 1000 rows are available at any one time.  We are planning a new capability early next year that will provide fuller access to this data along with additional features to support your use cases.

Malware Samples Tab for IPv4 Object Types

IPv4 object types now get a new tab called Malware Samples which renders all samples known to correlate with the IP address.

New Package Provisioning

In this release we offer a new level of packaging support to meet different client content needs.  Our HYAS Insight packages align to different content modules:

  • Basic Infrastructure Intelligence

  • OSINT

  • Advanced Infrastructure Intelligence

  • Malware Intelligence

  • GPS Telemetry

Pop-up Message Style

Some pop-up messages have been improved to match the newer style seen elsewhere across the platform.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close