We want to inform our users, partners and clients that we have just released a new version of ACSIA. With the new release, ACSIA is now able to detect Log4j vulnerability and therefore cover the CVE-2021-44228. This was notified to our users on December 14th and today we have created a new release which not …
We would like to inform all of our partners and customers that ACSIA is not affected by the vulnerability Log4J better described in CVE-2021-44228. The Elasticsearch component used by the ACSIA stack is the only impacted component within ACSIA, however, as all of our users can see, we do not expose Elasticsearch outside. It is …
We have been very busy with the continuous development of ACSIA – one of the reasons why we have been very quiet on our blog for last months. Today I just have had an hour break and decided to dig into one particular incident that has been notified by ACSIA. This specific incident was not …
Capturing Next-Generation Malware That A Malicious User Was Trying To Deploy Read More »
Today we have another study case which alerted our curiosity. As usual, our software ACSIA is constantly monitoring our server infrastructure and notifying us in real-time of any anomalous activity targeting our servers. This one is indeed another interesting case therefore let’s not wait long and start immediately looking into the case. Less talk more …
Investigating An Attack Originating From A Turkish IT Services Provider Read More »
Within the space of a week we had yet another unusual case to investigate thanks to ACSIA monitoring our systems regularly and notifying us in real time of anomalies and irregularities targeting our server infrastructure. Now lets walk through this particular case in a little detail. ACSIA notified the event as an XSS attack, even …
A Malicious Attacker Disguised As A Malware Hunter Read More »
Today our security product, ACSIA, detected numerous attacks but one in particular took our attention. The attack originated from Chicago Illinois and it seemed to resolve to a legitimate company called “SecurityScorecard” – www.securityscorecard.com – a security risk rating company. Usually in the majority of attacks that we see, people launch random and mass attacks …
With all the excitement of our first Release Candidate launch last week, it’s nice to step back and get some feedback from our system. We have deployed ACSIA to monitor a number of our internal monitoring systems while we continue development and improvement – after checking in on our system left running over the weekend, …
ACSIA Capturing Sophisticated BotNet Attacks Originating From Dallas, USA Read More »
A botnet is a number of internet-connected devices, each of which is running one or more bots. Botnets can be used to perform distributed denial-of-service attack (DDoS attack), steal data, send spam, and allow the attacker access to the device and its connection. The owner can control the botnet using command and control (C&C) software. …
