May 26, 2020 | Josh Gomez

Stories from the SOC - System compromise with lateral movement

Executive Summary: Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. Malicious network traffic from foreign IPs was observed trying to establish communication to a compromised internal system. The internal system was then…

May 19, 2020 | Dax Morrow

TrickBot BazarLoader In-Depth

Ofer Caspi, a fellow Alien Labs researcher, co-authored this blog. Executive Summary: AT&T Alien Labs actively tracks the TrickBot group through an automated malware analysis system, hunting, and in-depth technical research. On April 20th, 2020 independent security researchers “pancak3lullz” (@pancak3lullz) and Vitali Kremez (@VK_Intel) posted a Tweet regarding two new TrickBot modules aptly named …

May 18, 2020 | Mike Klepper

Disruption on the horizon

Innovations in technology have been a prime agent for disruption throughout much of human history. Advancements in materials science gave English archers, with their superior longbows, the advantage over the French in many conflicts during the Hundred Years War, such as the Battle of Agincourt. In the late 2000s, the music industry was forced to reinvent itself…

May 14, 2020 | Devin Morrissey

The importance and security concerns of staying connected during the COVID-19 pandemic

The COVID-19 pandemic sweeping the globe has effectively put a stop to the bulk of face-to-face interactions. With social distancing and shelter in place orders in effect, people are stuck at home and relying on the Internet as not only a tool for communication and entertainment but as their only way to earn money during this hectic and uncertain…

May 13, 2020 | Karoline Gore

Why cybersecurity in the healthcare sector needs improvement

Photo by Hush Naidoo on Unsplash. This blog was written by an independent guest blogger. A recent attack on a hospital in Brno, Czech Republic (a COVID-19 testing center) showed the extent to which weaknesses in a health center’s cybersecurity system can endanger the lives of patients. During this attack, patients had to be redirected…

May 12, 2020 | Tawnya Lancaster

The relationship between security maturity and business enablement

A seminal report exploring the correlation between cybersecurity and positive business and security outcomes. Now more than ever organizations globally want to better understand, manage, and minimize security risks. To achieve this, security leaders should be regularly assessing their processes and programs to gain a sense of their organization’s security maturity, where gaps exist, and what can be…

May 11, 2020 | Jeff LaCroix

Stories from the SOC - Office365 Credential Abuse

Executive Summary: Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers. The most critical element in combating malicious attempts on technology today is visibility. When considering the sheer amount of various cloud, firewall,…

May 7, 2020 | Lisa Ashjian

Remote workers making mobile management and security first priority

Your employees are remote, are your endpoints protected? In recent years, many businesses had already begun planning for a gradual shift towards an increasingly remote workforce, yet fewer had implemented a mobile-first strategy, and some were still formulating strategies. At a gradual pace, IT administrators could handle a small percentage of remote workers and saw the management features of device…

May 6, 2020 | Edwardo Rodriguez

Recalling the ILOVEYOU worm from 20 years ago

Twenty years ago, the ILOVEYOU worm utilized the most basic human emotion, the desire to be loved. It replicated itself at unprecedented rates that spurred the imagination of hackers and the cynicism of the general public. The on-line world was never the same. As with all worms, the ILOVEYOU worm operated as a standalone program.  It is a Visual…

May 6, 2020 | Thomas Jung

Balancing security and flexibility with a remote workforce

This blog was written by an independent guest blogger. According to the Pew Research Center, last year, roughly seven percent of U.S. workers regularly enjoyed the option of working from home. Well accustomed to the nature of remote work, these individuals were equipped with stable internet connections, collaboration and communication tools, and security technologies that helped them excel from…

May 4, 2020 | Roger Thornton

5 defensive COVID-19 actions IT managers can take now

As if there wasn’t enough to worry about these days, cyber attacks have taken a sharp uptick since the COVID-19 pandemic began this year. From January to March, AT&T Alien Labs Open Threat Exchange (OTX) saw 419,643 indicators of compromise (IOC) related to COVID-19, including a 2,000% month-over-month increase from February to March. Cybercriminals are taking advantage of…

April 30, 2020 | Theresa Lanowitz

AT&T Cybersecurity receives Frost & Sullivan award in Managed Security Services

Recently, we learned the good news from industry analyst firm, Frost & Sullivan, that we received the 2019 Frost Radar Award for Growth, Innovation & Leadership (GIL) in the Global Managed Security Services (MSS) Market. Frost & Sullivan’s global team of analysts and consultants recognized our achievements in innovating and creating new products and solutions that serve ever-evolving customer…