AlienVault Labs Blog
The AlienVault Blogs
Taking On Today’s Threats
Posted in Blog: Labs

Its been a busy couple of months for the OTX team, making lots of improvements to make OTX more useful for security researchers and InfoSec professionals. Thought it was time to give you and update. Here's what's new in OTX:Easier Way to Create PulsesWe've rebuilt the way you create pulses from scratch. So you can… Read more

Tags: otx, usm, otx pulse

Posted in Blog: Labs

Last week a new vulnerability affecting Apache Struts was reported (CVE-2017-5638) that affects the Apache Struts Jakarta Multipart parser. The vulnerability allows an unauthenticated attacker to execute code in the affected system by creating a specially crafted Content-Type HTTP header.Starting last Thursday (March 9, 2017), we have seen a high number of attackers trying to exploit this vulnerability. Different payloads… Read more

Tags: otx, usm anywhere, apache struts, usm appliance, cve-2017-5638

Posted in Blog: Labs

I saw a webcast done by Peter Ewane and Javvad Malik recently. The summary of what Peter had to say and Q&A follows; you can also view the recorded webcast.What is Malware?Malware can be a lot of things. It can be a virus, a worm, spyware, a Trojan horse, or ransomware. It’s basically any… Read more

Tags: malware

Posted in Blog: Labs

The AlienVault Labs team does a lot of malware analysis as a part of their security research. I interviewed a couple members of our Labs team, including Patrick Snyder, Eddie Lee, Peter Ewane and Krishna Kona, to learn more about how they do it.Here are some of the approaches and tools and techniques they use for reverse engineering malware,… Read more

Tags: malware, reverse engineering, malware research

Posted in Blog: Labs

PowerWare was brought to my attention by Carbon Black via their blog post. PowerWare is downloaded by a malicious macro-enabled Microsoft Word document that is distributed via a phishing email campaign. The malicious document in question attempts to convince the user to enable macros by informing them that the file is protected by Microsoft Office. This, of course, is a… Read more

Tags: ransomware, poshcoder, powerware

Get the latest
security news in
your inbox.

Subscribe via Email

Labs Research
Security Essentials
All Blogs

Gartner MQ

Featured Content

Get Price Free Trial Chat