Home > IT Blogs > Security Bytes > RSA adds malware domain feeds to CyberCrime Intelligence Service
>>VIEW ALL POSTS  

Security Bytes

« China cyberwar topic raised in Republican presidential debate
Critically-rated Microsoft patch can be reverse-engineered to create DoS attack »
Aug 17 2011   2:49PM GMT

RSA adds malware domain feeds to CyberCrime Intelligence Service



Posted by: Robert Westervelt
Security Vendor News, malicious URLs

List of malware domains can be fed into IPS and IDS appliances to disrupt communication between malware and an attacker’s command and control server.

RSA is bolstering its CyberCrime Intelligence Service, adding malicious domain blacklists as a new feature for organizations that use the service.

Malicious domain blacklists, which can be gotten from a variety of sources, are pieced together by the security research community to cut off malware from their command and control server. Blacklisted hosts and IP addresses are used by cybercriminals for launching attacks or storing stolen information. Many of the blacklist feeds are freely available, but RSA’s service will bring together information it has collected from its partners into one location.

The RSA CyberCrime Intelligence Service is a managed security service, which provides companies with data about infected machines and systems present on their network. It focuses mainly on endpoint devices and provides raw data on malware detection and what business data or email correspondence may have been compromised. RSA said the data helps organizations identify gaps in existing security policies, remediate incidents of identity theft and infected corporate machines and educate employees about the impact of malware infections.

RSA is likely wrapping in data pulled from its NetWitness acquisition. NetWitness Spectrum provids users to with a feed to the Malware Domain List, ZeuSTracker and Shadowserver, as well as its own live threat intelligence service. RSA also licenses feeds from its partners, which collect malicious IP and domain data from their customer base.

McAfee, Symantec, VeriSign and other security vendors offer similar managed security intelligence services. IBM, Hewett-Packard and CA also offer security services that include threat assessments and other services designed to help organizations assess their individual risk profile. Some services like VeriSign’s iDefense Security Intelligence Services offer more robust information, including vulnerability data and malicious code analysis to help incident response teams.

Telecommunications providers AT&T and Verizon also have subscription-based services providing near real-time threat landscape data and information specific to an organization. In June, Verizon announced a new Incident Analytics Service, which brings together the firm’s popular data breach investigation report along with data from its incident, classification and reporting repository. The goal of that service is to help organizations score themselves relative to other firms in their peer group.

  Bookmark and Share     Comment     RSS Feed     Email a friend

Comment on this Post


You must be logged-in to post a comment. Log-in/Register

Sdg  |   Apr 14 2012   10:35AM GMT

The backdoor is a method of bypassing normal authentication procedures. Once a system has been compromised, one or more backdoors may be installed in order to allow easier access in the future. Backdoors may also be installed prior to malicious software, to allow attackers entry. Thanks.
Regards,
website malware removal


 

Freyajordan88  |   Apr 23 2012   12:14PM GMT

Beautiful attractive information is visible in this blog and the very good article are procession in this blog. This info is very helpful for me with my project time and trust you very much for using the valuable info in this blog.
cell phone spy software


 

Wify  |   Apr 24 2012   5:11AM GMT

In broad terms, a Trojan horse is any program that invites the user to run it, concealing a harmful or malicious payload. The payload may take effect immediately and can lead to many undesirable effects, such as deleting the user’s files or installing additional harmful software. Thanks.
Regards,
local search marketing


 

Arianaqrsn  |   Apr 27 2012   4:36AM GMT

Hi. Very happy to see your article, I very much to like and agree with your point of view. Thank you for sharing… Ariana @ no deposit casino bonus codes.


 

Kop1  |   May 2 2012   12:27PM GMT

I really loved reading your blog. It was very well authored and easy to understand. Unlike additional blogs .
MBA admission essays


 

Kop1  |   May 4 2012   3:19AM GMT

If this doesn’t work I would suggest that you get the camera checked over via a good photographic shop to see if the lens/camera are in sync with each other. <a href="http://www.spsshelp.org" rel="nofollow">spss help</a>


 

Kop1  |   May 4 2012   3:20AM GMT

This article will help everyone to know so much important information. It is very alternative for people and this article can help anybody. Nice post!!!
spss help