{"id":1255,"date":"2018-01-23T10:02:50","date_gmt":"2018-01-23T14:02:50","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=1255"},"modified":"2018-02-23T11:31:03","modified_gmt":"2018-02-23T15:31:03","slug":"alienvault-otx-malware-report","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/","title":{"rendered":"Key Findings from AlienVault&#8217;s Open Threat Exchange Platform Reports on Malware"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-1256\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/alienvault-mod-1.jpg\" alt=\"alienvault-malware-otx-report\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/alienvault-mod-1.jpg 800w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/alienvault-mod-1-300x150.jpg 300w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/alienvault-mod-1-768x384.jpg 768w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/alienvault-mod-1-540x270.jpg 540w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/alienvault-mod-1-162x81.jpg 162w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/alienvault-mod-1-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Last week, we examined the findings of <a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/top-6-siem-vendors-watch-2018\/\" target=\"_blank\" rel=\"noopener\">SIEM<\/a> vendor AlienVault\u2019s Open Threat Exchange (OTX) platform report on <\/span><a 
href=\"https:\/\/solutionsreview.com\/security-information-event-management\/key-findings-alienvaults-open-threat-exchange-platform-reports-exploits\/\"><span style=\"font-weight: 400\">exploits in 2017<\/span><\/a><span style=\"font-weight: 400\">. In the interest of collaborating with other vendors and solution providers to improve the field\u2019s efficiency and comprehensiveness, they released part 2 of their findings on malware this week. The solution-seeker will find in this report another piece of the portrait of the ever-changing digital threat landscape. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Here are the key findings from part 2:<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Malware Live Colorful, Global Lives<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Analyzing the anonymised security event information from their customers, AlienVault determined that the most popular malware family, NjRat, is particularly prevalent in the Middle East. Its global popularity stems from the ease of obtaining and using it. NjRat samples are simplistic backdoors, and a plethora of how-to videos for beginner hackers is available on YouTube. NjRat has been employed by both no-name criminals and high-level political attackers. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">AlienVault observed that many of the most common malware programs are freely available on the black market, often bundled with anti-virus evasion customizations. The proliferation of freely available hacking tools for the inexperienced and unscrupulous is a <\/span><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/1107-2\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">rising concern<\/span><\/a><span style=\"font-weight: 400\"> for cybersecurity professionals in 2018. 
<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Malware Domains are Vulnerable to Sinkholing <\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">As part of their report, AlienVault compiled a list of the most popular malicious domain names, but acknowledged that attackers rarely use a single domain, because doing so makes it too easy for security professionals and law enforcement to wrest control of the domain away from them. 40% of the most popular malware domains in 2017 were sinkholed\u2014with their online traffic redirected automatically to another destination, in this case to a safe one\u2014effectively nullifying them. The WannaCry ransomware was halted when MalwareTech sinkholed its connectivity check domain.<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>This Report Only Touches On the Issue<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Many of AlienVault\u2019s findings are biased toward malware families that have named network detections and, when listing individual samples, toward polymorphic malware. Therefore, the report cannot list unknown threats, and it should not be taken as a definitive list of all the malware in existence. Instead, it\u2019s a good survey of what kinds of known malware threats exist and how they proliferate.<\/span><\/p>\n<p>You can read Part 2 of the report <a href=\"https:\/\/www.alienvault.com\/blogs\/security-essentials\/otx-trends-part-2-malware\" target=\"_blank\" rel=\"noopener\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Last week, we examined the findings of SIEM vendor AlienVault\u2019s Open Threat Exchange (OTX) platform report on exploits in 2017. In the interest of collaborating with other vendors and solution providers to improve the field\u2019s efficiency and comprehensiveness, they released part 2 of their findings on malware this week. 
The solution-seeker will find in this [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":1256,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551,1,3],"tags":[175,95,145,112,86,205,41,21,57],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Key Findings from AlienVault&#039;s OTX Platform Reports on Malware<\/title>\n<meta name=\"description\" content=\"In the interest of collaborating with other vendors and solution providers, AlienVault released part 2 of their OTX report findings on malware this week.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Key Findings from AlienVault&#039;s OTX Platform Reports on Malware\" \/>\n<meta property=\"og:description\" content=\"In the interest of collaborating with other vendors and solution providers, AlienVault released part 2 of their OTX report findings on malware this week.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2018-01-23T14:02:50+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-02-23T15:31:03+00:00\" \/>\n<meta property=\"og:image\" 
content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/alienvault-mod-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Canner\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/\",\"name\":\"Key Findings from AlienVault's OTX Platform Reports on Malware\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/alienvault-mod-1.jpg\",\"datePublished\":\"2018-01-23T14:02:50+00:00\",\"dateModified\":\"2018-02-23T15:31:03+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"In the interest of collaborating with other vendors and solution providers, AlienVault released part 2 of their OTX report findings on malware this 
week.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/alienvault-mod-1.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/alienvault-mod-1.jpg\",\"width\":800,\"height\":400,\"caption\":\"alienvault-threat-actor-otx-report\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Key Findings from AlienVault&#8217;s Open Threat Exchange Platform Reports on Malware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\",\"description\":\"Buyer&#039;s Guide and Best 
Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Key Findings from AlienVault's OTX Platform Reports on Malware","description":"In the interest of collaborating with other vendors and solution providers, AlienVault released part 2 of their OTX report findings on malware this week.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/","og_locale":"en_US","og_type":"article","og_title":"Key Findings from AlienVault's OTX Platform Reports on Malware","og_description":"In the interest of collaborating with other vendors and solution providers, AlienVault released part 2 of their OTX report findings on malware this week.","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/","og_site_name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","article_published_time":"2018-01-23T14:02:50+00:00","article_modified_time":"2018-02-23T15:31:03+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/alienvault-mod-1.jpg","type":"image\/jpeg"}],"author":"Ben Canner","twitter_misc":{"Written by":"Ben Canner","Est. 
reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/","name":"Key Findings from AlienVault's OTX Platform Reports on Malware","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/alienvault-mod-1.jpg","datePublished":"2018-01-23T14:02:50+00:00","dateModified":"2018-02-23T15:31:03+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"In the interest of collaborating with other vendors and solution providers, AlienVault released part 2 of their OTX report findings on malware this 
week.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/alienvault-mod-1.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/01\/alienvault-mod-1.jpg","width":800,"height":400,"caption":"alienvault-threat-actor-otx-report"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-otx-malware-report\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"Key Findings from AlienVault&#8217;s Open Threat Exchange Platform Reports on Malware"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","description":"Buyer&#039;s Guide and Best 
Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. 
You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/1255"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=1255"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/1255\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/1256"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=1255"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=1255"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=1255"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}