In November, Carlos Dodero, LATAM Business Unit Manager and Victor Obando, LATAM Senior Advisor at AlienVault participated on panels at the GMS-sponsored Conference in Ecuador attended by 300 and the E-Dea Networks event in Colombia attended by 50 to discuss security trends in the LATAM market with other IT security leaders. In addition, a third partner event featuring AlienVault was held by…
With the holiday season quickly approaching, many retailers might be finding themselves in the crosshairs of criminals, both physically and online. The unfortunate reality is that most of them are soon entering an IT freeze, or already have, where no new projects go live and performance and availability take precedence. In many cases, this means that any new security upgrades…
With the recent streak of widely publicized breaches of well-known companies, many organizations are examining their incident response (IR) capabilities. SANS conducted a survey earlier this year to explore what IR teams are up against – what types of attacks are most common, what defenses are most widely used, and what challenges IR teams face in their response efforts. The…
Austin Texas was a good place for Security on October 23-24! So many luminaries: @MartinHellman2, @mattjay, @JohnathanKuskos, @oleggryb, @lance_io, @manicode, @wickett, @mkonda, @jarretraim, @matt_tesauro, @isc4ThePeople, @planetlevel, @securitycabinet, @cktricky, @carnal0nage, @mgbits, @maty_siman, @joshsokol, @marcusjcarey, @jack_mannino, @imas_foss, @lostgravity, @dferguson_usa, @kseniaDmitrieva, @golfhackerdave, @ka, @stephenCoty, @RSnake, @Dav1dHugh3s I couldn’t find all the…
As with most terminology used in information technology, such as DMZ (or Demilitarized Zone), the term Red team was originally adopted from its use by the US military, which is still heavily used today in the ongoing force transformation of the Department of Defense. A red team is an independent group that challenges an organization to improve its effectiveness. The…
Thinking about mobile device security policy keeps me up at night. It probably keeps you up too. On a recent evening, I was browsing the findings of a study by McAfee and Ponemon Institute titled “The Lost Smartphone Problem[i],” which provided data on how many employee devices are lost and recovered annually. My life is exciting. This…
Yesterday, another cyber espionage group with Russian roots made it to the New York Times headlines again courtesy of FireEye and a new report they published. FireEye did a pretty good job on attribution and giving some technical indicators; however, they neglected to reference previous work on this threat actor from companies like PWC, TrendMicro, ESET and others. We have…
Jaime Blasco, Director of AlienVault Labs, and Charisse Castagnoli, office of the CISO at Websense presented a joint session at Innotech 2014. Their discussion centered on breaches, insider threats, predictions and threat intelligence. When asked about how he stays current on the volatile threat landscape, Jaime had an interesting observation: it’s good to have friends. In IT security, even…
A new security vulnerability was discovered by a team of researchers from Google that affects SSL v3. This vulnerability, dubbed POODLE (Padding Oracle On Downgraded Legacy Encryption), while nowhere as serious as Heartbleed or Shellshock, can still wreak havoc on your machine or in your environment if the right set of circumstances were to put you in the crosshairs of…
Ben Broussard of Denim Group presented at OWASP Austin on 9/30 and highlighted a really interesting new kind of attack – Account Entrapment. What is Account Entrapment? Counter-intuitive at first glance, it’s not about an attacker gaining access to the victim account. It’s the opposite. It is the attacker being able to log the victim into his…
Companies who process credit card data are getting pummeled by breaches. It doesn’t seem to matter if you are big or small anymore—you are going to be targeted if you have not already been breached. That’s what PCI DSS is for, right? If you follow all of the requirements in PCI DSS, you should…
A recently discovered hole in the security of the Bourne-Again Shell (bash) has the majority of Unix/Linux (including OS X) admins sweating bullets. You should be, too--attackers have already developed exploits to unleash on unpatched web servers, network services and daemons that use shell scripts with environment variables (this can include network equipment, industrial devices, etc.) Jaime Blasco, AlienVault…
