September 29, 2014 | Holly Barker

SpiceWorld 2014 – AlienVault Star Bar was a Hit!

AlienVault sponsored and attended SpiceWorld once again. The event was phenomenal on all fronts, from learning about new updates within the Spiceworks dashboard to meeting new Spiceheads at the event to sessions and, of course, the amazing networking opportunities and parties. There was never a dull moment at the event. Our team had a great time serving up cosmic cocktails…

September 25, 2014 | Jaime Blasco

Attackers exploiting Shellshock (CVE-2014-6271) in the wild

Yesterday, a new vulnerability affecting Bash (CVE-2014-6271) was published. The new vulnerability allows attackers to execute arbitrary commands by formatting an environment variable using a specific format. It affects Bash (the Bourne Again SHell), the default command shell for Linux and other UNIX flavors including Mac OS X. The vulnerability is critical since it can be exposed on web servers…

September 24, 2014 | Kate Brew

My Favorite Color is “Five” Now

Six years ago I wrote a blog “My Favorite Color is Three.” It’s kind of sad - the situation with online applications using security questions for resetting your passwords, or Self Service Password Reset (SSPR) is still a horrific mess – really not that much better than it was six years ago. It’s just…

September 18, 2014 | Kate Brew

Information Security in Higher Education: SANS Survey with Interesting Findings

SANS conducted a survey in June, Higher Education: Open and Secure?, where they surveyed almost 300 IT professionals in Higher Education. Based on the results, Higher Ed institutions clearly have information security concerns and priorities that are a bit different from those of the typical enterprise. You really can't "lock down" Higher Ed: the whole premise of higher education involves…

September 15, 2014 | Jaime Blasco

Archie: Just another Exploit kit

We have previously described how Exploit Kits are some of the favorite techniques used by cybercriminals to install malicious software on victims' systems. The number of Exploit Kits available has experienced exponential growth in the last few years. Since Blackhole’s author was arrested in 2013, the number of Exploit Kits has increased - including Neutrino, Magnitude, Nuclear, Rig and…

September 7, 2014 | Andy Manoske

Data Breach at Home Depot - Carthage Must Be Destroyed

Today Home Depot confirmed that they have been the victims of a catastrophic data breach. If history is any indicator, the cost of this revelation could be best described with a simple phrase: Carthage must be destroyed. Prior to the outbreak of the Third Punic War, hawkish elements of the Roman Republic began to popularize the phrase Carthago Delenda Est …

September 5, 2014 | Garrett Gross

Brute Force Attacks & How They’ve Been Used to Access Nude Celebrity Photos

Thanks to recent events involving certain celebrities’ stolen pictures, “brute-force attack” is now one of the hot buzz words making its rounds on the intertubez. However, if you asked most people, they probably couldn’t even hazard a guess as to what is actually involved in a brute force attack. As an IT professional - do…

September 2, 2014 | Holly Barker

SpiceWorld Austin Hot Spots!

Have a case of the three-day weekend blues? Don’t fret! The AlienVault team is here to help start your week off right! We’re super excited to be sponsoring SpiceWorld again this year, and cannot wait to mingle with all of you in only a few weeks here in Austin, TX! Speaking of our fair city, we…

August 28, 2014 | Jaime Blasco

Scanbox: A Reconnaissance Framework Used with Watering Hole Attacks

A few days ago we detected a watering hole campaign in a website owned by one big industrial company. The website is related to software used for simulation and system engineering in a wide range of industries, including automotive, aerospace, and manufacturing. The attackers were able to compromise the website and include code that loaded a…

August 27, 2014 | Garrett Gross

Close Encounters of the Nerd Kind - SQL Injection Attack Examples

Hi folks – thanks for checking out the first in a blog series I’m doing - “Close Encounters of the Nerd Kind”, which focuses on information security, hacking, and current threats out in the wild. The title was probably too easy of a joke, but “Dr. Botnet or: How to Learn to Stop Worrying and…

August 21, 2014 | Lauren Barraco

Defend like an attacker: Applying the cyber kill chain

Understanding the cyber kill chain gives you an advantage. With the constantly evolving nature of most threats, it can be difficult to address every incident and alert that occurs in your environment. Effective incident response requires effective methods of prioritization: Deciding which alerts to focus on and in which order. In general, we’ve relied on a few standard…

August 15, 2014 | Jimmy Vo

Security Incident Handling and SIEM

It was 9:00 a.m. on a Wednesday morning and I was sitting in front of a testing computer. Laid across my small work area were five SANS 504 (Hacker Techniques, Exploits, and Incident Handling) books which were accessorized with colorful sticky tabs. As I answered questions regarding the security incident handling phases outlined by SANS, my mind started wandering off, as…
