The AlienVault Blogs: Taking On Today’s Threats

The most recent posts from across the AlienVault blogs.


Late-breaking discoveries and in-depth analysis.


Practical, how-to advice, tips and guidance.


Perspectives on trends and industry happenings.

Category: Blog

Posted in Blog: Labs Blog

During the last few days, together with our colleagues from Kaspersky Lab, we have been investigating a new strain of spearphishing mails sent to the Uyghur community. You can read their analysis here. The mails contain a Microsoft Office .doc file that exploits MS09-027, affecting Microsoft Office for Mac; this is the same exploit used in other attacks… Read more

Posted in: News, Code, Attacks, Malware, Exploits, Blog, APT
Tags: office, macosx, backdoor, ms09-027

Posted in Blog: Labs Blog

Here we go again. You know the expression, “No good deed goes unpunished”? Well, that idea has surfaced with regard to our OTX, or Open Threat Exchange. Let me explain what I mean. First, some background. We launched OTX back in February with a passionate belief in the power of transparency and open source models. But we’re also as… Read more

Posted in: Alienvault (Company), Blog, OTX
Tags: otx

Posted in Blog: Labs Blog

It has been a while since we published information about Sykipot. The last time we blogged about it, we discovered a variant that was able to bypass two-factor authentication to access protected resources on the victim’s network. We have detected a new wave of Sykipot campaigns that has been running during the past weeks. There are several changes… Read more

Posted in: Attacks, Malware, Exploits, Blog, APT
Tags: sykipot, cve-2012-1889, ieee aerospace conference

Posted in Blog: Labs Blog

A couple of hours ago, Kaspersky reported a new variant of the MaControl backdoor targeting Uyghur users. It seems to be a newer version of the MacControl RAT we found some months ago being dropped using Java and Office for Mac exploits. The attackers send mails to the victims with a zip file that contains the backdoor and an image.… Read more

Posted in: Attacks, Malware, Blog, APT

Posted in Blog: Labs Blog

We’re proud to announce the immediate availability of the first phase of our threat exchange platform. You can check the marketing text on the AlienVault main site. We’ll be releasing more detail on the inner workings as we go on, or if you can’t wait, just upgrade your OSSIM installation and have a look at the inner… Read more

Posted in: Alienvault (Company), Blog, OTX