Signature Update #2546

Signature Update #2546: 181 new signatures:

HIGH HTTP: Eleanore Exploit Kit Exploit Fetch Request
HIGH HTTP: Eleanore Exploit Kit PDF Exploit Page Request
HIGH HTTP: Eleanore Exploit Kit Post-exploit Page Request
HIGH HTTP: Crimepack Exploit Kit Control Panel Access
HIGH HTTP: Crimepack Exploit Kit Post-Exploit Download Request
HIGH HTTP: Crimepack Exploit Kit Malicious PDF Request
HIGH HTTP: Sakura Exploit Kit Rhino Jar Request
HIGH HTTP: Sakura Exploit Kit Logo Transfer
HIGH HTTP: Crimeboss Exploit Kit Outbound Connection
HIGH HTTP: Unknown Exploit Kit Redirection Page
HIGH HTTP: KaiXin Exploit Kit Attack Vector Attempt
HIGH HTTP: KaiXin Exploit Kit Attack Vector Attempt 1
HIGH HTTP: CritX Exploit Kit Possible Redirection Attempt
HIGH HTTP: CritX Exploit Kit Java Exploit Request Structure
HIGH HTTP: CritX Exploit Kit PDF Exploit Request Structure
HIGH HTTP: CritX Exploit Kit Portable Executable Request
HIGH HTTP: KaiXin Exploit Kit Java Class Download
HIGH HTTP: Sweet Orange Exploit Kit Landing Page 1
HIGH HTTP: Sweet Orange Exploit Kit Landing Page
HIGH HTTP: Nuclear Exploit Kit Landing Page Detected
HIGH HTTP: ProPack Exploit Kit Outbound Connection Attempt
HIGH HTTP: ProPack Exploit Kit Outbound Payload Request
HIGH HTTP: ProPack Exploit Kit Outbound Connection
HIGH HTTP: Java User-Agent Flowbit Set
HIGH HTTP: Sweet Orange Exploit Kit Landing Page Detection
HIGH HTTP: CritX exploit kit Java V6 Exploit Download
HIGH HTTP: CritX exploit kit Java V7 exploit download
HIGH HTTP: CritX exploit kit PDF Library Exploit Download
HIGH HTTP: Styx Exploit Kit Plugin Detection Connection
HIGH HTTP: Styx Exploit Kit Portable Executable Download Request
HIGH HTTP: Redkit Exploit Kit Redirection Attempt
HIGH HTTP: Redirect To Malicious Java Archive Aattempt
HIGH HTTP: Multiple Exploit Kit Malicious Jar Archive Download
HIGH HTTP: Multiple Exploit Kit contacts.exe Payload Detection
HIGH HTTP: Fiesta Exploit Kit Landing Page Detection
HIGH HTTP: CritX Exploit Kit Possible Plugin Detection Attempt
HIGH HTTP: CritX Exploit Kit Malicious PDF Retrieval
HIGH HTTP: CritX Exploit Kit Java V5 Exploit Download
HIGH HTTP: CritX Exploit Kit Malicious Payload Retrieval
HIGH HTTP: Unknown Exlpoit Kit Driveby Download Redirection
HIGH HTTP: Redkit Exploit Kit Landing Page 1
HIGH HTTP: Gong Da Exploit Kit Redirection Page Received
HIGH HTTP: Sibhost Exploit Kit
HIGH HTTP: Crimeboss Exploit Kit Stats Access
HIGH HTTP: Crimeboss Exploit Kit Java On
HIGH HTTP: Crimeboss Exploit Kit Java Exploit Download
HIGH HTTP: Crimeboss Exploit Kit Java Exploit Download 1
HIGH HTTP: Crimeboss Exploit Kit Portable Executable Download Attempt 1
HIGH HTTP: Crimeboss Exploit Kit Portable Executable Download Attempt 2
HIGH HTTP: Crimeboss Exploit Kit Stats Loaded
HIGH HTTP: Crimeboss Exploit Kit Portable Executable Download Attempt
HIGH HTTP: Crimeboss Exploit Kit Redirection Attempt
HIGH HTTP: Crimeboss Exploit Kit Setup
HIGH HTTP: Neutrino Exploit Kit Landing Page 1
HIGH HTTP: Neutrino Exploit Kit Landing Page 2
HIGH HTTP: Neutrino Exploit Kit Redirection Page 2
HIGH HTTP: Neutrino Exploit Kit Redirection Page
HIGH HTTP: Impact Exploit Kit Landing Page
HIGH HTTP: Unknown Exlpoit Downloads Oracle Java Jar file
HIGH HTTP: Sakura Exploit Kit Exploit Request
HIGH HTTP: Redkit Exploit Kit Landing Page Redirection 1
HIGH HTTP: Redkit Exploit Kit Java Exploit Delivery
HIGH HTTP: Redkit Exploit Kit Obfuscated Portable Executable
HIGH HTTP: Redkit Exploit Kit Landing Page Redirection
HIGH HTTP: Multiple Exploit Kit info.dll Payload Detection
HIGH HTTP: Multiple Exploit Kit Java Payload Detection
HIGH HTTP: Sakura Exploit Kit Redirection Structure
HIGH HTTP: Portable Executable Downloaded With Bad DOS Stub
HIGH HTTP: Multiple Exploit Kit Landing Page Specific Structure
HIGH HTTP: Stamp Exploit Kit Landing Page
HIGH HTTP: Sakura Exploit Kit Jar Download Detection
HIGH HTTP: Sakura Exploit Kit Landing Page Received
HIGH HTTP: Sakura Exploit Kit Pdf Download Detection
HIGH HTTP: IFramer Injection tool
HIGH HTTP: Unknown Exploit Kit Script Injection Attempt
HIGH HTTP: Impact Stamp Exploit Kit Landing Page 1
HIGH HTTP: Impact Stamp Exploit Kit Landing Page
HIGH HTTP: IFramer Inj

FireEye Myth and Reality

Some tech companies are always associated with their first acts. Dell just acquired my first employer, EMC Corporation, in order to expand its enterprise portfolio, yet the company will always be linked with personal computers and its founder’s dorm room. F5 has become a nexus that brings together networks and applications but will always retain the moniker of a load balancing company. Bit9 has established itself as a major next-generation endpoint player, yet some people can only think of its original focus on white listing.

Did Dell and EMC Just Simplify the Enterprise Mobility Strategic Decision Making Process?

The fact that major IT vendors are consolidating isn’t a surprise, given the feedback we hear from IT professionals about wanting to work with fewer vendors that can be more strategic to their business. The Dell/EMC acquisition also lends itself to further validation that traditional IT consumption models are being disrupted, and it is difficult to transform business models and/or continue to operate in a single proverbial IT silo. Some of this dynamic is due to a valid means of consuming IT services from public cloud providers, and the rest can be credited to IT being too complex for too long. While Dell and EMC will not position it as such, the acquisition is poised to capitalize on the fact that IT is slow and difficult to change. This fact is good for Dell/EMC as they will continue to service this massive base even as businesses consume more services from the cloud.

Pentaho's Three-Legged Race to Big Data (with HDS)

Pentaho World 2015 was held in sunny Orlando this year, with over 500 attendees, and was by all accounts a friendly and informative affair. About the only question no one could answer is why the company is called Pentaho, but a rose by any other name is still very nice. One thing that was quite clear is that the team is hitting its stride with HDS as a powerful running mate.

Amazon Workspaces Delivers Compelling Usage Scenarios

I use Amazon Workspaces on my iPad Mini and have been impressed with its usability. While I admit that it is not my primary workspace, it works great for when I am using my iPad and need to get something done in a Windows environment. If I could use a mouse with the workspace like you can with Citrix Receiver, then I would significantly increase my usage of the environment.

Hybrid Clouds and Cybersecurity Front and Center at AWS re:Invent

The contrast of the DJ music pumping out bass lines and drum beats over hits from the 70s was quite apropos for the mix of hipster and middle-aged attendees at last week’s AWS re:Invent where the word of the week was hybrid. This year’s AWS re:Invent show had a decidedly different feel to it, one of enterprise IT. AWS holds an enviable position as the leading provider of infrastructure-as-a-service (IaaS) cloud computing services where they are Coke and we’re still waiting for Pepsi to show up. With that ground staked out, AWS is now clearly intent on being a major IT brand and that means embracing hybrid clouds and putting security front and center.

Is Public Cloud in Dell's Cards Post EMC Acquisition?

With the tech world all abuzz about the blockbuster Dell buyout of EMC, a few thoughts on what the combination of Dell and EMC could mean from a cloud perspective.

The Haystack Problem

Organizations lack sufficient collect and compute resources to arrive at accurate conclusions about whether or not events observed are good or bad. That is to say, simply passing metadata to a SIEM will not, by itself, identify a breach. To make it worse, things one organization or business unit deems “bad”, may not be “bad” […]

Run DeMC: Dell & EMC merge to thrive in the cloud era

Dell recently announced its intent to acquire EMC at approximately $33.15 a share, for a total transaction price of $67 billion. Upon first hearing of this deal, the ancient proverb, “fortune favors the bold,” immediately came to mind. This is a massive deal, and while some will say it is too risky, I would argue that the industry conditions have shifted to where it might be more risky for Dell and EMC not to make this move. The IT industry is in the midst of a massive upheaval. The merger makes both companies stronger than how they might have been apart.

Automated Traffic Visibility for Software Defined Data Centers using VMware NSX Dynamic Service Insertion

Another week, another advancement in GigaSECURE Security Delivery Platform from Gigamon, the leader in the Traffic Visibility space! Previously, my colleague Johnnie discussed GigaSECURE solutions to ‘Secure the promise of SDDC Micro-Segmentation’. Now, we are excited to announce at VMworld Barcelona, new extensions to GigaSECURE, specifically GigaVUE-VM that will automate traffic visibility for securing the […]

A Dell & EMC Merger = A Big Data & Analytics Powerhouse

So by now you have probably heard that Dell is planning on acquiring EMC, while leaving VMware as a publicly traded entity. Hot stuff indeed. This has big implications for the IT market as a whole, but I'm most interested in how it sets up change for the big data, database, and analytics space. A few immediate opportunities and a risk are in store:

A Call for Open Cybersecurity Middleware

While attending Splunk.conf 15, I sat in on an interesting presentation given by Christof Jungo, head of security architecture and engineering at Swisscom.


Videos

Conference Chair Ian Luckett outlines the content of the second virtual SDC Channel Summit event, taking place 10-11 May. A mixture of keynote presentations, roundtables and panel discussions promise to produce plenty of valuable insights for Channel companies dealing with the challenges and opportunities of digital transformation.
Andre Azevedo, CEO at Ancoris, explains how the company’s new GreenLab Google Cloud service helps organisations to understand the actions they can take around their IT infrastructure to achieve their sustainability goals, with cloud migration a high priority for many.
Piers Wilson, Head of Product Management at Huntsman Security, discusses the importance of carrying out a ransomware readiness assessment to discover any potentially costly security gaps within an organisation’s IT infrastructure. The company’s recently launched SmartCheck for Ransomware is designed to help companies fortify their cyber risk management.
Thor Johnsen, Head of Triple Point's Digital 9 Infrastructure plc., discusses the organisation’s recent data centre acquisitions in London and Finland, as it seeks to develop a multi-site, multi-location strategy with sustainability as a central focus.

News

Pega Cloud to be offered on Google Cloud to give clients more cloud choice.
One of the leading global email cloud security and backup providers adds IT security awareness-building training to its portfolio.
The Internet of Things (IoT) is a top IT priority for global organisations for the next 12 months. But while the vast majority (92%) agree that they need to invest in IoT technologies in order to remain competitive, IT complexity and proven ROI are creating challenges. Delays and budget cuts due to the global pandemic have also had a more recent impact on project implementation.
New research from Rackspace Technology delves into the state of UK businesses’ challenges when it comes to adopting new cloud technologies.