November 26, 2013 | Sandy Hawke

Rethinking Vulnerability Management: The attacker’s perspective

Here's a really basic question... Why do we do vulnerability management? If your child asked you that question, how would you answer? It’s pretty simple really. We need to find and fix vulnerabilities because that’s what attackers exploit. You would then likely explain to your child that vulnerabilities are weaknesses, and weaknesses can be exploited…

November 19, 2013 | Patrick Bass

PCI DSS v3.0: What’s new and some key recommendations

On November 7, the Payment Card Industry (PCI) updated security requirements for handling credit card numbers and related data. The updated Data Security Standard (DSS) 3.0 reflects a number of key changes important to any organization that stores, processes, or transmits cardholder data (CHD). The new requirements become effective January 1, 2014. The older 2.0 standard will remain active until December 31, 2014 to help ensure adequate…

November 14, 2013 | Jaime Blasco

OTX Snapshot and top Threat Intelligence headlines from the last month

It's that time again: time to wrap up some of the top research findings and headlines about Internet security threats that intrigued the AlienVault Labs team in October. October was as busy a month for security news as ever; it even went mainstream in the national press with Adobe having at least 38 million accounts breached. Having been immersed in…

November 11, 2013 | Lauren Barraco

Log Analysis 101

The challenge for any security practitioner is the same: how to get adequate security visibility for your organization. Securing your environment requires an understanding of the current and evolving threat landscape as well as knowledge of network technology and system design. The traditional approach to event log analysis says “collect logs from everything connected to the network and let…

November 6, 2013 | Sandy Hawke

Top Five Myths About Log Management

Event logs provide all the information you need to troubleshoot operational errors and investigate potential security exposures. They are literally the bread crumbs of the IT world. But as you're likely aware, finding the insight you need inside those scattered bread crumbs isn't all that straightforward. Thankfully, there are some useful technologies that can assist with bringing together…

November 6, 2013 | Jaime Blasco

Microsoft Office Zeroday used to attack Pakistani targets

Earlier today Microsoft released a security advisory alerting about a new Microsoft Office vulnerability being exploited in the wild. The vulnerability affects Office 2003/2007 and Office 2010 only running on Windows XP/2003. The vulnerability is related to the parsing of TIFF images, and Microsoft released a FixIt that basically blocks the rendering of TIFF images on the system. The exploit we…

November 4, 2013 | Sandy Hawke

Five Common Security Mistakes and How to Detect Them

We’ve all made mistakes. And the best we can hope for is that we learn from them. Unfortunately, IT security mistakes can often have much more wide-ranging consequences than your standard mistake like a missed typo in a press release or a forgotten name of a new colleague. That’s why it’s so critical to…

November 4, 2013 | Sandy Hawke

Welcome to Security Essentials

"Simplicity is the ultimate sophistication." --Leonardo Da Vinci

For the past few decades, I've had a hard time in cocktail party conversations. When someone asks what you do for a living, it's far simpler to say, "I'm a teacher" or "I work on Wall Street" than "I help companies secure their networks and data against bad people…

October 24, 2013 | Jaime Blasco

PHP.net potentially compromised and redirecting to an exploit kit

This morning we woke up with news indicating that Google was flagging the php.net website as potentially harmful. You can read more information on:

- http://news.netcraft.com/archives/2013/10/24/php-net-blocked-by-google-false-positive-or-not.html
- http://barracudalabs.com/2013/10/php-net-compromise/

We couldn't replicate the behavior as it seems the webmaster modified the files that were producing the…

October 17, 2013 | Alberto Ortega

Ransomware now accepts bitcoin as a payment method

Looking at the evolution of ransomware, accepting bitcoin as a payment method is probably taking too long for most common ransomware families. Not long ago, we saw a ransomware family that accepts MoneyPak, Ukash, cashU and Bitcoin as payment methods. Its name is CryptoLocker and it is detected by Microsoft as Crilock.A. Just one month after Microsoft released the…

October 16, 2013 | Jaime Blasco

OTX Snapshot: Top Malware Detected

This month, AlienVault launched a new Threat Update Newsletter with the goal of sharing recent threat data from our Open Threat Exchange™ (OTX), as well as recaps of some of the most interesting (or troubling) research and industry news. You can subscribe via e-mail to the Threat Update Newsletter, or subscribe to this blog to get additional information and…

October 10, 2013 | Alberto Ortega

Yara rules for leaked KINS toolkit

Just a few days ago, the source code of the famous KINS banking trojan was leaked. KINS is a professional-grade banking trojan, designed to infect as many computers as possible in order to steal credit cards, bank account credentials and related information from victims. Seen as a replacement for Citadel, it was identified in the wild not long ago. Now,…
