#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

AlienVault USM | Breaking Cybersecurity News | The Hacker News

Category — AlienVault USM
AlienVault Unified Security Management: Real-Time Threat Detection Starting on Day 1

AlienVault Unified Security Management: Real-Time Threat Detection Starting on Day 1

Dec 21, 2015
As organizations expand their IT infrastructure to match their evolving business models and meet changing regulatory requirements, they often find that their networks have become extremely complex and challenging to manage. A primary concern for many IT teams is detecting threats in the mountain of event data being generated every day. Even a relatively small network can generate hundreds or thousands of events per second, with every system, application, and service generating events. The sheer volume of data makes it virtually impossible to identify manually and link those few events that indicate a successful network breach and system compromise, before the exfiltration of data. The AlienVault Unified Security Management (USM) platform is a solution to help IT teams with limited resources overcome the challenge of detecting threats in their network. USM platform accelerates and simplifies your ability to detect, prioritize, and respond to the most critical
How to Protect Yourself against XcodeGhost like iOS Malware Attacks

How to Protect Yourself against XcodeGhost like iOS Malware Attacks

Oct 19, 2015
Recently, Chinese iOS developers have discovered a new OS X and iOS malware dubbed XcodeGhost that has appeared in malicious versions of Xcode, Apple's official toolkit for developing iOS and OS X apps. The hack of Apple's Xcode involves infecting the compiler with malware and then passing that malware onto the compiled software. This is a unique approach because the hack does not attempt to inject attack code into a single app, and then try and sneak that past Apple's automated and human reviewers. Instead, the malicious code is infected on Xcode itself, which is used by software developers to craft and develop the apps for iOS and OS X operating system. The primary behavior of XcodeGhost in infected iOS apps is to collect information on devices and upload that data to command and control (C2) servers. Once the malware has established a foothold on infected devices, it has the ability to phish user credentials via fake warning boxes, open specific URLs in a
5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage

5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage

Oct 01, 2024Generative AI / Data Protection
Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes with significant risks, particularly the potential for sensitive data leakage. As organizations attempt to balance productivity gains with security concerns, many have been forced to choose between unrestricted GenAI usage to banning it altogether. A new e-guide by LayerX titled 5 Actionable Measures to Prevent Data Leakage Through Generative AI Tools is designed to help organizations navigate the challenges of GenAI usage in the workplace. The guide offers practical steps for security managers to protect sensitive corporate data while still reaping the productivity benefits of GenAI tools like ChatGPT. This approach is intended to allow companies to strike the right balance between innovation and security. Why Worry About ChatGPT? The e
Operation Lotus Blossom APT - Elise Malware

Operation Lotus Blossom APT - Elise Malware

Aug 04, 2015
Advanced Persistent Threat (APT) type attacks continue to emerge on a global scale. What makes these attacks deviate from the norm is often the resources required to develop and implement them: time, money, and the knowledge required to create custom pieces of malware to carry out specific, targeted attacks. Operation Lotus Blossom is one of the more recent APT attacks that has been discovered and analyzed. It is an advanced adversary campaign against the mostly government and state-sponsored entities in the Philippines, Hong Kong, Vietnam, and Indonesia. It is thought that this group carried out the attack to gain a geopolitical advantage by stealing specific information from government and military institutions in that area.  At this point, it is still too early to tell if the reach of the attack will extend to the private sector (a la Stuxnet and Duqu). How does the attack work? It was found that Operation Lotus Blossom involved a novel custom-built malware
cyber security

2024 State of SaaS Security Report eBook

websiteWing SecuritySaaS Security / Insider Threat
A research report featuring astonishing statistics on the security risks of third-party SaaS applications.
Understanding the Shared Security Model in Amazon Web Services

Understanding the Shared Security Model in Amazon Web Services

May 21, 2015
Security in the Amazon EC2 environment is a responsibility shared by both the end user and Amazon. This is because within this environment there are specific parts that Amazon has control of and specific parts that are controlled by the end user. For the end user, they are responsible for securing the operating systems running on their instances, as well as the applications running on those operating systems. On the other hand, physical security and security of the hypervisor is Amazon's responsibility. When it comes to the network, security of that layer is a shared responsibility between the user and Amazon. Implications of the Shared Security Model Huge operational efficiencies can be gained in a shared security model, however this comes at the cost of the flexibility to have total control over an environment. In the past, significant security issues have occurred as organizations move to the shared model. During this transition, it's key that organizations under
How to Detect Exploits of the GHOST Buffer Overflow Vulnerability

How to Detect Exploits of the GHOST Buffer Overflow Vulnerability

Feb 12, 2015
The GHOST vulnerability is a buffer overflow condition that can be easily exploited locally and remotely, which makes it extremely dangerous. This vulnerability is named after the GetHOSTbyname function involved in the exploit. Attackers utilize buffer overflow vulnerabilities like this one by sending specific packets of data to a vulnerable system. The attack allows the attacker to execute arbitrary code and take control of the victim's vulnerable machine. Unfortunately, the vulnerability exists in the GNU C Library (glibc) , a code library originally released in 2000, meaning it has been widely distributed. Many derivative programs utilize the glibc to carry out common tasks. Although an update released by Linux in 2013 mitigated this vulnerability, most systems and products have not installed the patch. What Can I Do About GHOST Vulnerability? Like with any vulnerability, the best way to mitigate GHOST vulnerability is to identify vulnerable systems, prioritize th
How to Detect SQL Injection Attacks

How to Detect SQL Injection Attacks

Sep 19, 2014
SQL Injection (SQLi) attacks have been around for over a decade. You might wonder why they are still so prevalent. The main reason is that they still work on quite a few web application targets. In fact, according to Veracode's 2014 State of Security Software Report , SQL injection vulnerabilities still plague 32% of all web applications. One of the big reasons is the attractiveness of the target – the database typically contains the interesting and valuable data for the web application. A SQLi attack involves inserting a malformed SQL query into an application via client-side input. The attack perverts the intentions of web programmers who write queries and provide input methods that can be exploited. There is a reason they're on the OWASP Top 10 . Termed " injection flaws ", they can strike not only SQL, but operating systems and LDAP can fall prey to SQLi. They involve sending untrusted data to the interpreter as a part of the query. The attack tricks the interpreter into
AlienVault Unified Security Management: Real-Time Threat Detection Starting on Day 1

AlienVault Unified Security Management: Real-Time Threat Detection Starting on Day 1

Mar 14, 2014
IT Infrastructure of organizations is growing ever more distributed, complex and difficult to manage. To manage such networks, a log management solution is not enough. The AlienVault Unified Security Management™ (USM) platform is the perfect solution to help manage the flood of information and analyze it in real time, to find evidence of security incidents. So, in this article we will introduce you to a security monitoring solution that provides real-time threat detection and speeds incident response. The AlienVault Unified Security Management™ (USM) platform provides all of the essential security controls required for complete security visibility, and is designed to enable any IT or security practitioner to benefit from results on day one. Powered by the latest AlienVault Labs Threat Intelligence and the Open Threat Exchange™ (OTX ) —the world's largest crowd-sourced threat intelligence exchange—AlienVault USM delivers a unified, simple and affordable solution for threat
Cybersecurity
Expert Insights / Articles Videos
Cybersecurity Resources