March 13, 2014 | Monica Tan

Designing for Everyday Security

In the 1980’s Don Norman wrote a book titled “The Design of Everyday Things”. In his book he describes the importance of product design when it comes to how humans interact with it. He describes human interactions with fixtures, chairs, doors, and software applications. One of the simple design principles that Norman talks about is that the…

March 11, 2014 | Jaime Blasco

Botnet bruteforcing Point Of Sale terminals via Remote Desktop

Every single day our automated systems analyze hundreds of thousands of malicious samples. Yesterday one of the samples caught my attention because the malware started performing bruteforce attacks against Remote Desktop using certain username and passwords. MD5: c1fab4a0b7f4404baf8eab4d58b1f821 Other similar samples: c0c1f1a69a1b59c6f2dab1813…

Get the latest
security news
in your inbox.

Subscribe via email


March 4, 2014 | Lauren Barraco

What’s New in AlienVault v4.5?

At AlienVault, we know that you never have enough time to dedicate to security and that’s why we’re laser focused on how to make threat detection and incident response more efficient for everyone. We know you probably have a full-time job in addition to security and that you can’t afford to waste time tracking…

February 25, 2014 | Bill Smartt

Detecting malware on Mac OS X with USM and MIDAS

Let’s briefly review what we accomplished in the first post: Understood the capabilities and design of MIDAS Deployed MIDAS on a Mac OS X endpoint installed the MIDAS plugin in AlienVault USM Verified the integration by running MIDAS and confirming the events in the SIEM How does this make us safer? More generally, what does this mean? To…

February 25, 2014 | Russ Spitler

Open Threat Exchange - Changing the economics of cybercrime

I am no economist. But, I do listen to the freakonomics podcast regularly, I have read many books on the subject, and I can recognize Kai Ryssdal’s voice; so I would like to think I could at least qualify to advise a small, already-wealthy, nation somewhere in the Caribbean. Recently, I have been thinking a lot about the…

February 24, 2014 | Barmak Meftah

You are Not Alone

Today I had the pleasure to address the 10th Annual West Coast Information Security Conference on the topic of threat intelligence. In the past, security professionals in law-abiding companies may have felt very alone and not privy to threat intelligence. There was nowhere to turn for affordable, accurate and up-to-date threat information. It’s one of the ways defenders…

February 24, 2014 | Lauren Barraco

Spotted at RSA: UFO beaming down hope for a more secure tomorrow

The theme in the AlienVault booth is “You are not alone”, and while it’s easy to assume this is just a clever play on our alien name, we actually want all of our booth visitors to walk away understanding that, truly – you are not alone. In a world of single-purpose security tools and closed threat…

February 21, 2014 | Jaime Blasco

Analysis of an attack exploiting the Adobe Zero-day - CVE-2014-0502

Yesterday FireEye reported about a new Zero-Day affecting Adobe Flash that is being exploited in the wild and Adobe issued a security update regarding the vulnerability. Several websistes were redirecting visitors to a malicious server containing the exploit including: Peterson Institute for International Economics American Research Center in Egypt Smith Richardson Foundation as reported by FireEye. The malicious Flash…

February 19, 2014 | Alberto Ortega

Yara signatures for “Careto” - The Masked APT

Last week, Kaspersky Lab released their research (Unveiling "Careto" - The Masked APT) on a fresh APT campaign, which is supposed to had been running for several years. The campaign has different pieces of malware designed for Windows and OSX systems, and also clues of components for Android and iOS devices. The main targets of…

February 11, 2014 | Jaime Blasco

Building an Effective Incident Response Framework Infographic

Organizations are bombarded with potential threats every day. Most of these are small and irritating, not truly critical—but among those needles are little threads of larger actions at work. An incident response program enables you to pull out the needles that make up the haystack of the big picture. The ultimate goal of an incident response program is…

January 22, 2014 | Lauren Barraco

The Life of a Security Researcher

Have you ever wondered what a security researcher does all day? From investigating malicious software to social engineering, security research is more than a full-time job - its a way of life. In the past year, we’ve seen security research hit the mainstream media as more organizations continue to get hit with malware, botnets and more. Today I…

January 7, 2014 | Ash Wilson

Network Security Monitoring: The nexus of network and security operations

I came into the network security monitoring mission from an infrastructure management role. I was 'that guy' who might block ACL changes if the word 'any' occurred twice in the same line, insisting that the systems and development crew be more specific with application traffic flow. Security, for me, was an aspect of my work. The company that I worked…