January 8, 2019 | Tony DeGonia

2018 Sees Record Number of Online Retail Data Breaches

During the holiday season people logged on to make purchases through online retailers, like no other time of the year. While there was significant growth in many segments of society on a global scale in 2018, we also  saw a significant increase in online retail breaches where personally identifiable information was compromised at an alarming rate. With more and more…

January 7, 2019 | Tom D'Aquino

Data Exfiltration in AWS: Part 2 of Series

In the previous blog in this four-part blog series, we discussed AWS IAM and how it can be compromised to allow for data exfiltration. In this blog we will drill into data exfiltration.One of the more common issues reported on lately involves EC2 instances running data storage services like Elasticsearch and MongoDB, which by default don't have any…

Get the latest security news in your inbox.

Subscribe via Email

January 4, 2019 | Javvad Malik

Things I Hearted This Week, 4th Jan 2019

Welcome to 2019! I hope that you had a well-deserved break over the holidays, and a special shout out to all the people that carried on pulling shifts in the SOC, were on-call, and helped ensure stuff stayed as secure as possible while the rest of us were eating and sleeping too much! I’ve said it before, and I…

January 3, 2019 | Tony DeGonia

The “Internal” Cyber Kill Chain Model

An Alternative to the “Classic” Cyber Kill Chain Model for Internal Attacks and BreachesDeveloped by Lockheed Martin, the Cyber Kill Chain® (CKC) framework is part of the Intelligence Driven Defense® model for the identification and prevention of cyber intrusions activity. The model identifies what adversaries must complete in order to achieve…

December 27, 2018 | Rohan Viegas

How Malware Sandboxes and SIEMs Work in Tandem to Effectively Detect Malware

Rohan Viegas of VMRay explains some of the key factors IT security teams should consider when evaluating a malware analysis sandbox and whether it’s a good fit for their existing SIEM environment. He then outlines how VMRay Analyzer complements and enhances the capabilities of AlienVault’s flagship platform, USM Anywhere.For IT security organizations, malware threats and…

December 24, 2018 | Josh Lake

The Dangers of Free VPNs

If you use a free VPN, then you have to wonder how your provider earns money to cover their own costs. The answer often involves advertising, but it can also be through far more sinister means.Running a VPN service costs a significant amount of money. There are setup costs, infrastructure costs, labor and other running costs. The companies behind…

December 20, 2018 | Tawnya Lancaster

Let’s Chat: Healthcare Threats and Who’s Attacking

Healthcare is under fire and there’s no sign of the burn slowing.Look, it’s no secret that hackers have been targeting hospitals and other healthcare providers for several years — and probably no surprise that healthcare is one of the top target industries for cybercrime in 2018. In the US alone, in fact, more than 270 data breaches…

December 19, 2018 | Ian Thornton-Trump

Network Penetration Testing

What is Penetration Testing?Penetration testing, often called “pen testing” is one of several techniques used to verify cybersecurity posture and provide a level of assurance to the organization that its cyber defenses are functional. It’s a way of testing defenses against an adversary who mimics a cyber-criminal actor.First Rule of Network Penetration Testing: Make…

December 17, 2018 | Javier Ruiz

Malware Analysis using Osquery | Part 3

In part 1 of this blog series, we analyzed malware behaviour, and, in part 2, we learned how to detect persistence tricks used in malware attacks. Still, there are more types of events that we can observe with Osquery when malicious activity happens. So, in the last blog post of the series, we will discuss how to detect another example of a…

December 17, 2018 | Julia Kisielius

AlienVault Monthly Product Roundup October / November 2018

At AWS re:Invent recently, I spoke to several booth visitors who asked, “What’s new with AlienVault?” It was exciting to talk through some of the improvements we’ve made over the last year and see their eyes widen as the list went on. As our customers know, we regularly introduce new features to USM…

December 14, 2018 | Javvad Malik

Things I Hearted this Year 2018

It’s hard to believe the whole year has gone past and I’ve been hearting things nearly every week since it began.I’d like to sum up 2018, so I started to look through all the posts from every week and I realised it was a mammoth task. There have been 40 “Things I hearted”…

December 13, 2018 | Javvad Malik

The REAL 2019 Cyber Security Predictions

It’s December, which means it’s time to get those 2019 cyber predictions going. While there are many well-informed, and some not-so-well informed opinions out there, I’ve dug through the cyber underground, I’ve climbed data mountains, and delved to the depths of the dark web to seek out what is really happening.Having spilt…

Watch a Demo ›