How to detect and investigate attack methods with AlienVault USM

Shellshock (Bash) Vulnerability

• Webcast: The Bash Vulnerability: Practical Tips to Secure your Environment
• Blog: Bourne Again: Helping you see the light through the Shellshock exploit
• Blog: Attackers exploiting Shellshock (CVE-2014-6721) in the wild

Brute Force Attacks

• Webcast: Brute Force Attacks: Keeping the Bots at Bay with AlienVault USM
• Webcast: Detect Brute Force Attacks & APTs in Less That 1 Hour with AlienVault
• Blog: Brute Force Attacks & How They’ve Been Used to Access Nude Celebrity Photos
• Blog: Botnet bruteforcing Point Of Sale terminals via Remote Desktop

Ransomware

• Webcast: Detect Ransomware Before it’s Too Late with AlienVault USM
• Webcast: How to Detect a Cryptolocker Infection with AlienVault USM
• Solution Brief (PDF): Detecting CryptoLocker with AlienVault USM Solution Brief
• Blog: Ransomware now accepts bitcoin as a payment method
• Blog: Urausy ransomware family, a quick internals overview

Watering Hole Attacks

• Webcast: Watering Hole Attacks: Detect End-User Compromise Before the Damage is Done
• Blog: Scanbox: A Reconnaissance Framework Used with Watering Hole Attacks
• Blog: New Internet Explorer zeroday was used in the DoL Watering Hole campaign

System Compromise & Data Exfiltration

• Webcast: How to Detect System Compromise & Data Exfiltration
• Blog: Tracking Patient Zero (June 19, 2014)
• Blog: Operation Saffron Rose Catches Ajax Security Team in Cyber Espionage

SQL Injection & XSS Attacks

• Webcast: How to Detect SQL Injection & XSS Attacks using SIEM Event Correlation
• Blog: Close Encounters of the Nerd Kind – SQL Injection Attack Examples

Heartbleed Vulnerability

• Webcast: How to Detect the Heartbleed Vulnerability Using AlienVault USM
• Video: How to Detect Heartbleed Vulnerabilities & Attacks
• Blog: CVSS Score: A Heartbleed By Any Other Name
• Blog: What Should I Do About Heartbleed?