Tag: Botnets

Visual Investigations of Botnet Command and Control Behavior Infographic

Malicious botnets are a problem that continues to plague the Internet. StealthWatch® Labs™ research explores the command and control behaviors of a collection of nearly two million unique botnet malware samples that were active between 2010 and 2012. These samples reached out to nearly 150,000 different command and control servers on over 100,000 different TCP and UDP ports. This data set is complex and heterogeneous, and thus it is difficult to analyze. However, when the data is represented visually, patterns emerge that lead to interesting insights. In October, Tom Cross, Lancope's Director of Research, presented a poster at Visualization for Cyber Security (VizSec)…

Visual Investigations of Botnet Command and Control Behavior

Lancope's research looks at a collection of nearly two million unique botnet malware samples in an attempt to better understand how botnets use the Internet to communicate. Lancope created visualizations of the TCP and UDP ports that these malware samples used for command and control communications between 2010 and 2012, and compared that information to legitimate network traffic in a typical small office environment. Significant differences in the utilization of different ports are immediately noticeable from the images that Lancope created.

New APT1/Comment Crew Indicators

StealthWatch Labs has uncovered a new set of technical indicators associated with the APT1 attacks that have not been published in another forum as far as we are aware.

SLIC Threat Feed unveiled by Lancope

Lancope announced this week that it is now offering the StealthWatch Labs Intelligence Center™ (SLIC) Threat Feed to provide enhanced detection capabilities for botnets and advanced malware.

Lessons Learned from the New York Times Hack

Unfortunately, The New York Times is not the only organization that has been the victim of a sophisticated, targeted attack of this nature, and it certainly will not be the last, as a regular drumbeat of these kinds of incidents has been reported over the past few years. In order to combat these new and constantly evolving threats, defensive techniques need to adapt.