Internet search engine Shodan provides enterprise security teams a wealth of information about open ports on servers and other Internet-connected devices. Now, as part of a partnership with threat intelligence company Recorded Future, security analysts and researchers can use Shodan to uncover systems being used to control malware-infected devices.
Shodan’s specialized crawler doesn’t gather information about websites, but rather details about the connected devices, including servers, routers, webcams, and other internet-of-things devices. The new Malware Hunter crawler takes the scanning a step further and actively hunts for computers that are acting as remote access trojan (RAT) command-and-control servers. As such, it is a powerful tool for threat analysts, security operations center (SOC) teams, and dedicated security personnel within the enterprise trying to proactively identify and defend against certain types of malware families, said Levi Gundert, vice president of intelligence and strategy at Recorded Future.
To read this article in full or to leave a comment, please click here