Ransomware

Example: An unexpected process with an odd name (cjkvy-bc.exe) is observed on a workstation. Soon after the process launches, communication is observed to a known botnet C&C IP address registered in Germany. The MD5 hash of the process identifies it as ransomware; the signature matches TeslaCrypt. Closer examination shows that the EXE has been added to […]


How to detect and investigate attack methods with AlienVault USM

Shellshock (Bash) Vulnerability
Webcast: The Bash Vulnerability: Practical Tips to Secure your Environment
Blog: Bourne Again: Helping you see the light through the Shellshock exploit
Blog: Attackers exploiting Shellshock (CVE-2014-6721) in the wild

Brute Force Attacks
Webcast: Brute Force Attacks: Keeping the Bots at Bay with AlienVault USM
Webcast: Detect Brute Force Attacks & APTs […]
