AlienVault and Kaspersky Help Organizations Neutralize Red October Attack

The companies have released a whitepaper that details the cyber espionage campaign

By on January 21st, 2013 23:01 GMT
AlienVault and Kaspersky have released a whitepaper entitled “Operation ‘Red October’: Indicators of Compromise and Mitigation Data.”

The report’s purpose is to aid organizations in identifying and mitigating the recently uncovered massive cyber espionage campaign dubbed Red October.

The whitepaper contains background information, indicators of compromise, command and control domains, the IP addresses utilized in the attack, a list of passwords and community names used to attack network devices, network traffic details, RC4 encryption keys, and data on the vulnerabilities exploited in the campaign.

In addition, the security firms also provide an OpenIOC file that can be used by system administrators to check for any signs of the cyber espionage operation.

In the meantime, Kaspersky has revealed that the attackers have started shutting down their command and control infrastructure.

“Operation ‘Red October’: Indicators of Compromise and Mitigation Data” is available here.
Kaspersky and AlienVault have released whitepaper on Red October
   Kaspersky and AlienVault have released whitepaper on Red October
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

1 Comment