Memory dump analysis is a crucial aspect of digital forensics, offering a snapshot of a system's volatile memory at a specific point in time. This can uncover critical evidence such as running processes, open network connections, and in-memory malware execution that disk analysis might miss. In a previous blog, we learnt how to use fmem for volatile memory acquisition.
|
By David Balaban
Whether you're working with on-premises infrastructure, fully embracing the cloud, or running a hybrid solution, one thing is certain: a robust security posture is essential to safeguarding the environment. This article will explore today’s fundamentals of security posture assessment in both on-premises and cloud environments while briefly touching on the added complexities a hybrid setup will entail.
|
By Devin Morrissey
Cybersecurity and threat preparedness may be at the forefront of your mind, and you may have protections in place against more common threats. Yet, as these threats continue to evolve, vigilance and adaptation are crucial for construction and manufacturing organizations.
|
By Michael Venturella
In a recent LevelBlue incident response engagement, an analyst in our managed detection and response (MDR) security operations center (SOC) responded to an alarm that was triggered by a suspicious email/inbox rule. The rule aimed to conceal responses to an internal phishing attempt from the account user, so the attacker could solicit funds from the company's users.
|
By Anas Baig
Business owners are increasingly recognizing its positive impact on business growth. Many marketing and sales strategies use different accounts on a single platform. However, despite its effectiveness in business, not all platforms allow multi-accounting. That’s where residential proxy comes in as an effective solution for multi-accounting.
|
By Fernando Dominguez
LevelBlue Labs recently discovered a new highly evasive loader that is being delivered to specific targets through phishing attachments. A loader is a type of malware used to load second-stage payload malware onto a victim’s system. Due to the lack of previous samples observed in the wild, LevelBlue Labs has named this malware “SquidLoader,” given its clear efforts at decoy and evasion.
|
By Theodoros Karasavvas
Summer is a time for relaxation, travel, and spending quality moments with family and friends. However, it is also peak season for cybercriminals who exploit the vulnerabilities that arise during this period. Cyberattacks surge during the summer holiday season as businesses and individuals let their guard down. Many companies operate with reduced staff as employees take time off, leaving fewer eyes on critical systems and security measures.
|
By Karoline Gore
Maintaining an active social media presence can be a great way to improve brand visibility and generate leads, but it also opens the door to cybersecurity risks — from phishing scams and malware to identify theft and data breaches. If employees accidentally post confidential information or click dodgy links via corporate accounts, cybercriminals can launch malicious attacks that can cause lasting damage to your business (67% of data breaches result from human error).
|
By Kazi Arif
Operational Technology (OT) is the backbone of our modern world as we know it today. Think about the daily operations of a factory, the precise control of our power grids, and even the supply of clean water to our homes. All of these modern capabilities are made possible and efficient due to OT systems.
|
By Irfan Shakeel
Firewall technology has mirrored the complexities in network security, evolving significantly over time. Originally serving as basic traffic regulators based on IP addresses, firewalls advanced to stateful inspection models, offering a more nuanced approach to network security. This evolution continued with the emergence of Next-Generation Firewalls (NGFWs), which brought even greater depth through data analysis and application-level inspection.
|
By LevelBlue
This video shows you how to login and use the LevelBlue Distributed Denial of Service Defense portal to analyze network traffic and monitor threats.
|
By LevelBlue
In this video, you'll learn about AT&T DDoS Defense Service Alert Emails. We'll also give you an overview of the investigation process. For any high severity alerts, which are caused by traffic exceeding thresholds in protected zones, the DDoS Defense Service sends an alert email to your contacts. At the same time, a ticket is created for the AT&T Threat Management Team to investigate the alert.
|
By LevelBlue
In this video, you'll learn about AT&T DDoS Defense Service contact management and how the company administrator adds a new contact. Contacts are notified in the event of a DDoS attack. So it's important to keep the contacts list up to date and accurate.
|
By LevelBlue
This quick overview provides a step-by-step guide of how to access the MSS Threat Portal, request a change, and access help and support.
|
By LevelBlue
This customer welcome video will be instrumental in establishing effective communication between AT&T's valued MSS customers and the AT&T MSS support team. This video will aid you with accessing AT&T's MSS support services, we are providing you with AT&T processes, guidelines, and contact / escalation information. These guidelines make it easier for the AT&T MSS team and your organization to successfully interface together to complete all the change requests and problem resolution situations that may arise in conjunction with your Managed Security Service.
|
By LevelBlue
Learn how to communicate with the AT&T Managed Extended Detection and Response Security Operations Center and complete the Customer Engagement Plan.
|
By LevelBlue
Watch now as we demonstrate how to use the USM Anywhere platform to handle AT&T Managed Extended Detection and Response (Managed XDR) investigations.
|
By LevelBlue
Learn how AT&T Cybersecurity Consultants, AT&T Managed Security Services and AT&T Alien Labs, our global threat intelligence unit, can help make it safer for your business to innovate.
|
By LevelBlue
Keep your business safe with by diagnosing the digital health of your business. Identify vulnerabilities and weaknesses before they become problems.
|
By LevelBlue
This workplace scenario skit shows how easy it is for an employee’s credentials to be compromised, and how AT&T Cybersecurity can help.
|
By LevelBlue
Phenomenal security. Phenomenal partnership. At AlienVault, we understand that customers rely on your expertise to deliver world-class security solutions specifically designed to protect their unique business. We also know that vetting partnerships opportunities with security vendors is a critical component to delivering those outcomes.
|
By LevelBlue
The Insider's Guide to Incident Response gives you an in-depth look at the fundamental strategies of efficient and effective incident response for security teams that need to do more with less in today's rapidly changing threat landscape.
|
By LevelBlue
As organizations around the world shift their workloads to Amazon Web Services (AWS) and other popular cloud infrastructure-as-a-service (IaaS) providers, concerns about cloud security continue to rise. According to a 2018 Cloud Security Report from Cybersecurity Insiders, 91% of respondents are concerned about cloud security, an increase of 11% over last year's report.
|
By LevelBlue
Get All 5 Chapters of AlienVault's How to Build a Security Operations Center (On a Budget) in 1 eBook! You'll get an in-depth look at how organizations with limited resources can set up a successful operations center for monitoring, detecting, containing, and remediating IT threats across applications, devices, systems, networks, and locations.
|
By LevelBlue
Criminal organizations and hackers increasingly perceive regional banks and credit unions as attractive targets. That's why we've created this primer-to help IT managers and executives at financial organizations understand not just the top threats they're facing, but also what they can do to fend them off.
|
By LevelBlue
This whitepaper provides an overview of Open Source IDS and the various IDS tools available today. Whether you need to monitor hosts or the networks connecting them to identify the latest threats, these are some of the best open source intrusion detection (IDS) tools available to you.
|
By LevelBlue
With so many open source tools available to help with network security, it can be tricky to figure out where to start, especially if you are an IT generalist who has been tasked with security.
- June 2024 (12)
- May 2024 (8)
- April 2024 (2)
- August 2023 (1)
- January 2023 (1)
- November 2022 (2)
- December 2020 (1)
- June 2019 (1)
- April 2019 (1)
- March 2019 (1)
- December 2018 (1)
- October 2018 (4)
- September 2018 (2)
- August 2018 (2)
- July 2018 (5)
- May 2018 (1)
- April 2018 (1)
- March 2018 (1)
- February 2018 (3)
LevelBlue has simplified the way organizations detect and respond to today’s ever evolving threat landscape. Our unique and award-winning approach, trusted by thousands of customers, combines the essential security controls of our all-in-one platform, AlienVault Unified Security Management, with the power of AlienVault’s Open Threat Exchange, the world’s largest crowd-sourced threat intelligence community, making effective and affordable threat detection attainable for resource-constrained IT teams.
AlienVault® USM Anywhere™ accelerates and centralizes threat detection, incident response, and compliance management for your cloud, on-premises, and hybrid environments. USM Anywhere includes purpose-built cloud sensors that natively monitor your Amazon Web Services (AWS) and Microsoft Azure cloud environments, and cloud applications like Office 365. On premises, lightweight virtual sensors run on Microsoft Hyper-V and VMware ESXi to monitor your virtual private cloud and physical IT infrastructure.
With USM Anywhere, you can rapidly deploy sensors into your cloud and on-premises environments while centrally managing data collection, security analysis, and threat detection from the AlienVault Secure Cloud.