The AlienVault Blogs: Taking On Today’s Threats
Posted in Blog: Labs Blog

During the last few years we have seen an increase in the number of malicious actors using tricks and browser vulnerabilities to enumerate the software running on the victim’s system through Internet Explorer. In this blog post we describe some of the techniques attackers are using to perform reconnaissance that gives them information for…

Tags: sykipot, internet explorer, waterhole, vulnerabilities, detecting endpoint software, angler exploit kit

Posted in Blog: Labs Blog

Every single day our automated systems analyze hundreds of thousands of malicious samples. Yesterday one of the samples caught my attention because the malware started performing brute-force attacks against Remote Desktop using certain usernames and passwords. MD5: c1fab4a0b7f4404baf8eab4d58b1f821. Other similar samples: c0c1f1a69a1b59c6f2dab1813…

Tags: credit cards, pci, point of sale, pos

Posted in Blog: Labs Blog

Let’s briefly review what we accomplished in the first post: understood the capabilities and design of MIDAS; deployed MIDAS on a Mac OS X endpoint; installed the MIDAS plugin in AlienVault USM; verified the integration by running MIDAS and confirming the events in the SIEM. How does this make us safer? More generally, what does this mean? To…

Tags: ossim, alienvault, macosx, plugins, siem, apple, midas, mac, plist

Posted in Blog: Labs Blog

Yesterday FireEye reported a new zero-day affecting Adobe Flash that is being exploited in the wild, and Adobe issued a security update for the vulnerability. Several websites were redirecting visitors to a malicious server hosting the exploit, including the Peterson Institute for International Economics, the American Research Center in Egypt and the Smith Richardson Foundation, as reported by FireEye. The malicious Flash…

Tags: plugx, 0day, internet explorer, zeroday, office, flash, aslr

Posted in Blog: Labs Blog

Protecting Mac OS X systems is a hot topic these days. Their prevalence in enterprise environments has been on the rise over the past decade, and the question of how to secure them remains a mystery to many. This post will discuss new methods for securing Mac OS X. The internal security teams at Etsy, Facebook and GitHub recently…

Posted in: Plugins, Alienvault OSSIM, Python, Forensics
Tags: ossim, alienvault, macosx, plugins, siem, apple, midas, mac, plist