AlienVault Labs Blog
The AlienVault Blogs: Taking On Today’s Threats

The most recent posts from across the AlienVault blogs.

Subscribe: Via Email | RSS


Late-breaking discoveries and in-depth analysis.

Subscribe: Via Email | RSS


Practical, how-to advice, tips and guidance.

Subscribe: Via Email | RSS

Posted in Blog: Labs

I saw a webcast done by Peter Ewane and Javvad Malik recently. The summary of what Peter had to say and Q&A follows; you can also view the recorded webcast.What is Malware?Malware can be a lot of things. It can be a virus, a worm, spyware, a Trojan horse, or ransomware. It’s basically any… Read more

Tags: malware

Posted in Blog: Labs

The AlienVault Labs team does a lot of malware analysis as a part of their security research. I interviewed a couple members of our Labs team, including Patrick Snyder, Eddie Lee, Peter Ewane and Krishna Kona, to learn more about how they do it.Here are some of the approaches and tools and techniques they use for reverse engineering malware,… Read more

Tags: malware, reverse engineering, malware research

Posted in Blog: Labs

PowerWare was brought to my attention by Carbon Black via their blog post. PowerWare is downloaded by a malicious macro-enabled Microsoft Word document that is distributed via a phishing email campaign. The malicious document in question attempts to convince the user to enable macros by informing them that the file is protected by Microsoft Office. This, of course, is a… Read more

Tags: ransomware, powerware, poshcoder

Posted in Blog: Labs

By Eddie Lee and Krishna KonaA couple of months ago, as we rang in 2016, we thought it would be interesting to take a quick look back at some OSX malware from 2015 and 2014. As reported by the team at Bit9+Carbon Black [1], 2015 marked “the most prolific year in history for OS X malware”. We collected a few samples… Read more

Tags: malware, osx

Posted in Blog: Labs

Today, a coordinated coalition involving AlienVault and several other security companies led by Novetta is announcing Operation BlockBuster. This industry initiative was created to share information and potentially disrupt the infrastructure and tools from an actor named the Lazarus Group. The Lazarus Group has been responsible for several operations since at least 2009, including the attack that affected Sony Pictures Entertainment… Read more


Get Email Updates

Labs Research
Security Essentials
All Blogs

Gartner MQ

Featured Content