The AlienVault Blogs: Taking On Today’s Threats

The most recent posts from across the AlienVault blogs.



Late-breaking discoveries and in-depth analysis.



Practical, how-to advice, tips and guidance.


Posted in Blog: Labs

By: Eddie Lee and Jaime Blasco

Imagine if an authoritarian state had a tool to get private information about users visiting certain websites, including real names, mail addresses, sex, birthdays, phone numbers, etc. Imagine that even users that run TOR or VPN connections to bypass the tools that the authoritarian government uses to block and monitor these websites were… Read more

Tags: china, tor, malicious javascript, watering hole attacks, watering holes, privacy, censorship

Posted in Blog: Labs

Yesterday, another cyber espionage group with Russian roots made it to the New York Times headlines again courtesy of FireEye and a new report they published. FireEye did a pretty good job on attribution and giving some technical indicators; however, they neglected to reference previous work on this threat actor from companies like PWC, TrendMicro, ESET and others. We have… Read more

Tags: malware, apt, cve-2012-0158, internet explorer, exploit, cve-2013-1347, spearphishing, phishing, web compromises, apt28, sofacy, cve-2014-1776, cve-2010-3333, cve-2014-1761, cve-2013-3897, sednit

Posted in Blog: Labs

Yesterday, a new vulnerability affecting Bash (CVE-2014-6271) was published. The new vulnerability allows attackers to execute arbitrary commands by formatting an environment variable in a specific way. It affects Bash (the Bourne Again SHell), the default command shell for Linux and other UNIX flavors including Mac OS X. The vulnerability is critical since it can be exposed on web servers… Read more

Tags: botnet, exploit, irc, cve-2014-6721, bash

Posted in Blog: Labs

We have previously described how Exploit Kits are some of the favorite techniques used by cybercriminals to install malicious software on victims' systems. The number of Exploit Kits available has experienced exponential growth in the last few years. Since Blackhole’s author was arrested in 2013, the number of Exploit Kits has increased - including Neutrino, Magnitude, Nuclear, Rig and… Read more

Tags: malware, internet explorer, exploit, exploit kit

Posted in Blog: Labs

A few days ago we detected a watering hole campaign on a website owned by a large industrial company. The website is related to software used for simulation and system engineering in a wide range of industries, including automotive, aerospace, and manufacturing. The attackers were able to compromise the website and include code that loaded a… Read more

Tags: scanbox, watering hole
