The AlienVault Blogs: Taking On Today’s Threats


Tag: Plugx

Posted in Blog: Labs Blog

Yesterday FireEye reported a new zero-day affecting Adobe Flash that is being exploited in the wild, and Adobe issued a security update for the vulnerability. Several websites were redirecting visitors to a malicious server containing the exploit, including the Peterson Institute for International Economics, the American Research Center in Egypt and the Smith Richardson Foundation, as reported by FireEye. The malicious Flash… Read more

Tags: plugx, 0day, internet explorer, zeroday, office, flash, aslr

Posted in Blog: Labs Blog

As we related in our previous blog post, the latest Internet Explorer zero-day is being used to target specific sectors, including the Defence and Industrial ones. Following our investigations on the servers found serving the Internet Explorer zero-day and using OSINT, we were able to use the WHOIS mail address and the IP addresses used by the attackers to find… Read more

Posted in: Attacks, Malware, Exploits, Snort, APT
Tags: plugx, 0day, internet explorer, defence, ics

Posted in Blog: Labs Blog

Some hours ago my friend PhysicalDrive0 pointed me to a new version of Moh2010.swf that was found in the wild as part of some content exploiting the last Internet Explorer zero-day. The exploit code was being hosted on: The exploit scheme is the same one, the original vector is hosted under /Exploit.html.… Read more

Posted in: Attacks, Exploits, APT
Tags: plugx, internet explorer, zeroday, flowershow, whg

Posted in Blog: Labs Blog

Some days ago, TrendMicro published some information about a new version of a RAT called PlugX. For the last few months we have been tracking a group using the PlugX RAT that has been attacking different targets, especially in Japan, Taiwan and Korea, and against Tibetan organizations and individuals. In this post we will focus on the intelligence we have extracted… Read more

Posted in: News, Attacks, APT
Tags: apt, plugx, rat, thoper, sogu, tvt
