Red October - Indicators of Compromise and Mitigation Data

January 21, 2013 | Jaime Blasco
X

Get the latest security news in your inbox.

Subscribe via Email

No thanks. Close this now.

Together with our partner, Kaspersky, we’re releasing a whitepaper on the “indicators of compromise” that can be useful to detect and mitigate the threats from Red October. It contains indicators to detect most of the Red October activity in your systems and networks. Inside the whitepaper you will find snort rules as well as an OpenIOC file that you can use to check your systems for activity related to this cyber espionage campaign.

Link to the whitepaper

OpenIOC file

Read more from Red October

Jaime Blasco

About the Author: Jaime Blasco
Jaime Blasco is a renowned Security Researcher with broad experience in network security, malware analysis and incident response. At AlienVault, Jaime leads the Lab Intelligence and Research team that leads the charge of researching and integrating threat intelligence into detection mechanisms. Prior to working at AlienVault he founded a couple of startups (Eazel, Aitsec) working on web application security, source code analysis and incident response. He is based in San Francisco. Jaime's work in emerging threats and targeted attacks is frequently cited in international publications such as New York Times, BBC, Washington Post and Al Jazeera.
Read more posts from Jaime Blasco ›

‹ BACK TO ALL BLOGS

Watch a Demo ›
GET PRICE FREE TRIAL