All Articles

Ordered by Date Received : Year: "2021" Month: "11" Day: "04"
Page: << < 7 (of 7)

Total Articles in this collection: 353

Navigation Help at the bottom of the page

Article: Veritas collaborates with Microsoft to provide data protection solutions to enterprise customers - published over 2 years ago.
Content:
https://www.helpnetsecurity.com/2021/11/04/veritas-microsoft/
Published: 2021 11 04 00:45:23
Received: 2021 11 04 01:03:57
Feed: Help Net Security - News
Source: Help Net Security - News
Category: Cyber Security
Topic: Cyber Security

Get your Free Scan and Score Certificate

Article: Android.MisoSMS : Its Back! Now With XTEA - published about 10 years ago.
Content: FireEye Labs recently found a more advanced variant of Android.MisoSMS, the SMS-stealing malware that we uncovered last December — yet another sign of cybercriminals’ growing interest in hijacking mobile devices for surveillance and data theft. Like the original version of the malware, the new variant sends copies of users’ text messages to ser...
http://www.fireeye.com/blog/threat-research/2014/03/android-misosms-its-back-now-with-xtea.html
Published: 2014 03 31 08:00:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Free Score Certificate

Article: Spear Phishing the News Cycle: APT Actors Leverage Interest in the Disappearance of Malaysian Flight MH 370 - published about 10 years ago.
Content: While many advanced persistent threat (APT) groups have increasingly embraced strategic Web compromise as a malware delivery vector, groups also continue to rely on spear-phishing emails that leverage popular news stories. The recent tragic disappearance of flight MH 370 is no exception. This post will examine multiple instances from different thre...
http://www.fireeye.com/blog/threat-research/2014/03/spear-phishing-the-news-cycle-apt-actors-leverage-interest-in-the-disappearance-of-malaysian-flight-mh-370.html
Published: 2014 03 25 04:01:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Score Summary

Get your Free Scan and Score Certificate

Cyber Tzar Free Score Certificate

Article: From Windows to Droids: An Insight in to Multi-vector Attack Mechanisms in RATs - published about 10 years ago.
Content: FireEye recently observed a targeted attack on a U.S.-based financial institution via a spear-phishing email. The payload used in this campaign is a tool called WinSpy, which is sold by the author as a spying and monitoring tool. The features in this tool resemble that of many other off-the-shelf RATs (Remote Administration Tools) available today. ...
http://www.fireeye.com/blog/threat-research/2014/03/from-windows-to-droids-an-insight-in-to-multi-vector-attack-mechanisms-in-rats.html
Published: 2014 03 18 08:00:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Get your repeat Free Scan and Score Certificate

Article: A Little Bird Told Me: Personal Information Sharing in Angry Birds and its Ad Libraries - published about 10 years ago.
Content: Many popular mobile apps, including Rovio’s ubiquitous Angry Birds, collect and share players’ personal information much more widely than most people realize. Some news reports have begun to scratch the surface of the situation. The New York Times reported on Angry Birds and other data-hungry apps last October. And in January, the newspaper ...
http://www.fireeye.com/blog/threat-research/2014/03/a-little-bird-told-me-personal-information-sharing-in-angry-birds-and-its-ad-libraries.html
Published: 2014 03 27 15:30:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Your Score Explained

Article: Write Once, Exploit Everywhere: FireEye Report Analyzes Four Widely Exploited Java Vulnerabilities - published about 10 years ago.
Content: Over the last couple of decades, Java has become the lingua franca of software development, a near-universal platform that works across different operating systems and devices. With its “write once, run anywhere” mantra, Java has drawn a horde of developers looking to serve a large user base as efficiently as possible. Cyber attackers like Java for m...
http://www.fireeye.com/blog/threat-research/2014/02/write-once-exploit-everywhere-fireeye-report-analyzes-four-widely-exploited-java-vulnerabilities.html
Published: 2014 02 21 15:00:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Gold Score Certificate

Get your repeat Free Scan and Score Certificate

Cyber Tzar Score Summary

Article: Operation SnowMan: DeputyDog Actor Compromises US Veterans of Foreign Wars Website - published about 10 years ago.
Content: On February 11, FireEye identified a zero-day exploit (CVE-2014-0322) being served up from the U.S. Veterans of Foreign Wars’ website (vfw[.]org). We believe the attack is a strategic Web compromise targeting American military personnel amid a paralyzing snowstorm at the U.S. Capitol in the days leading up to the Presidents Day holiday weekend. Ba...
http://www.fireeye.com/blog/threat-research/2014/02/operation-snowman-deputydog-actor-compromises-us-veterans-of-foreign-wars-website.html
Published: 2014 02 13 23:06:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Security Made Simple

Article: Background Monitoring on Non-Jailbroken iOS 7 Devices -- and a Mitigation - published about 10 years ago.
Content: Background monitoring mobile applications has become a hot topic on mobile devices. Existing reports show that such monitoring can be conducted on jailbroken iOS devices. FireEye mobile security researchers have discovered such vulnerability, and found approaches to bypass Apple's app review process effectively and exploit non-jailbroken iOS 7 succ...
http://www.fireeye.com/blog/threat-research/2014/02/background-monitoring-on-non-jailbroken-ios-7-devices-and-a-mitigation.html
Published: 2014 02 25 01:24:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Score Analysis

Article: Amazon's Mobile Shopping Clients and CAPTCHA - published about 10 years ago.
Content: Amazon is a popular online retailer serving millions of users. Unfortunately, FireEye mobile security researchers have found security issues within Amazon’s mobile apps on both Android and iOS platforms through which attackers can crack the passwords of target Amazon accounts. Amazon confirmed our findings and hot fixed the issue. Recently, we found ...
http://www.fireeye.com/blog/threat-research/2014/02/amazons-mobile-shopping-clients-and-captcha.html
Published: 2014 02 26 20:39:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Risk Impact Distribution

Cyber Security Made Simple

Cyber Tzar Your Score Explained

Article: Trends in Targeted Attacks: 2013 - published over 10 years ago.
Content: FireEye has been busy over the last year. We have tracked malware-based espionage campaigns and published research papers on numerous advanced threat actors. We chopped through Poison Ivy, documented a cyber arms dealer, and revealed that Operation Ke3chang had targeted Ministries of Foreign Affairs in Europe. Worldwide, security experts made ma...
http://www.fireeye.com/blog/threat-research/2014/01/trends-in-targeted-attacks-2013.html
Published: 2014 01 13 10:00:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Platform Highlights

Article: JS-Binding-Over-HTTP Vulnerability and JavaScript Sidedoor: Security Risks Affecting Billions of Android App Downloads - published over 10 years ago.
Content: Third-party libraries, especially ad libraries, are widely used in Android apps. Unfortunately, many of them have security and privacy issues. In this blog, we summarize our findings related to the insecure usage of JavaScript binding in ad libraries. First, we describe a widespread security issue with using JavaScript binding (addJavascriptInterface...
http://www.fireeye.com/blog/threat-research/2014/01/js-binding-over-http-vulnerability-and-javascript-sidedoor.html
Published: 2014 01 17 00:45:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Risk Impact Assesment

Article: Android.HeHe: Malware Now Disconnects Phone Calls - published over 10 years ago.
Content: FireEye Labs has recently discovered six variants of a new Android threat that steals text messages and intercepts phone calls. We named this sample set “Android.HeHe” after the name of the activity that is used consistently across all samples. Here is a list of known bot variants: MD5 VirusTotal Detection Ratio 1caa...
http://www.fireeye.com/blog/threat-research/2014/01/android-hehe-malware-now-disconnects-phone-calls.html
Published: 2014 01 21 10:00:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Your Score Explained

Cyber Tzar Platform Highlights

Cyber Tzar Gold Score Certificate

Article: Microsoft Office Vulnerabilities Used to Distribute Zyklon Malware in Recent Campaign - published over 6 years ago.
Content: Introduction FireEye researchers recently observed threat actors leveraging relatively new vulnerabilities in Microsoft Office to spread Zyklon HTTP malware. Zyklon has been observed in the wild since early 2016 and provides myriad sophisticated capabilities. Zyklon is a publicly available, full-featured backdoor capable of keylogging, password har...
http://www.fireeye.com/blog/threat-research/2018/01/microsoft-office-vulnerabilities-used-to-distribute-zyklon-malware.html
Published: 2018 01 17 17:00:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Sites

Article: Attacks Leveraging Adobe Zero-Day (CVE-2018-4878) – Threat Attribution, Attack Scenario and Recommendations - published over 6 years ago.
Content: On Jan. 31, KISA (KrCERT) published an advisory about an Adobe Flash zero-day vulnerability (CVE-2018-4878) being exploited in the wild. On Feb. 1, Adobe issued an advisory confirming the vulnerability exists in Adobe Flash Player 28.0.0.137 and earlier versions, and that successful exploitation could potentially allow an attacker to take con...
http://www.fireeye.com/blog/threat-research/2018/02/attacks-leveraging-adobe-zero-day.html
Published: 2018 02 03 02:15:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Risk Groups Explained

Article: CVE-2017-10271 Used to Deliver CryptoMiners: An Overview of Techniques Used Post-Exploitation and Pre-Mining - published about 6 years ago.
Content: Introduction FireEye researchers recently observed threat actors abusing CVE-2017-10271 to deliver various cryptocurrency miners. CVE-2017-10271 is a known input validation vulnerability that exists in the WebLogic Server Security Service (WLS Security) in Oracle WebLogic Server versions 12.2.1.2.0 and prior, and attackers can exploit it to remotel...
http://www.fireeye.com/blog/threat-research/2018/02/cve-2017-10271-used-to-deliver-cryptominers.html
Published: 2018 02 15 16:30:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Cyber Tzar Sites

Cyber Tzar Score Analysis

Article: SANNY Malware Delivery Method Updated in Recently Observed Attacks - published about 6 years ago.
Content: Introduction In the third week of March 2018, through FireEye’s Dynamic Threat Intelligence, FireEye discovered malicious macro-based Microsoft Word documents distributing SANNY malware to multiple governments worldwide. Each malicious document lure was crafted in regard to relevant regional geopolitical issues. FireEye has tracked the SANNY malwa...
http://www.fireeye.com/blog/threat-research/2018/03/sanny-malware-delivery-method-updated-in-recently-observed-attacks.html
Published: 2018 03 23 15:00:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Developer? Secuity Assesor? Risk Manager? Actary? We can help, whatever you need

Article: Fake Software Update Abuses NetSupport Remote Access Tool - published about 6 years ago.
Content: Over the last few months, FireEye has tracked an in-the-wild campaign that leverages compromised sites to spread fake updates. In some cases, the payload was the NetSupport Manager remote access tool (RAT). NetSupport Manager is a commercially available RAT that can be used legitimately by system administrators for remotely accessing client compute...
http://www.fireeye.com/blog/threat-research/2018/04/fake-software-update-abuses-netsupport-remote-access-tool.html
Published: 2018 04 05 15:00:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Article: Metamorfo Campaigns Targeting Brazilian Users - published about 6 years ago.
Content: FireEye Labs recently identified several widespread malspam (malware spam) campaigns targeting Brazilian companies with the goal of delivering banking Trojans. We are referring to these campaigns as Metamorfo. Across the stages of these campaigns, we have observed the use of several tactics and techniques to evade detection and deliver the maliciou...
http://www.fireeye.com/blog/threat-research/2018/04/metamorfo-campaign-targeting-brazilian-users.html
Published: 2018 04 24 15:00:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Developer? Secuity Assesor? Risk Manager? Actary? We can help, whatever you need

Cyber Tzar Risk Impact Distribution

Article: Remote Authentication GeoFeasibility Tool - GeoLogonalyzer - published almost 6 years ago.
Content: Users have long needed to access important resources such as virtual private networks (VPNs), web applications, and mail servers from anywhere in the world at any time. While the ability to access resources from anywhere is imperative for employees, threat actors often leverage stolen credentials to access systems and data. Due to large volumes of ...
http://www.fireeye.com/blog/threat-research/2018/05/remote-authentication-geofeasibility-tool-geologonalyzer.html
Published: 2018 05 29 17:00:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Learn more about our products

Article: RIG Exploit Kit Delivering Monero Miner Via PROPagate Injection Technique - published almost 6 years ago.
Content: Introduction Through FireEye Dynamic Threat Intelligence (DTI), we observed RIG Exploit Kit (EK) delivering a dropper that leverages the PROPagate injection technique to inject code that downloads and executes a Monero miner (similar activity has been reported by Trend Micro). Apart from leveraging a relatively lesser known injection technique, ...
http://www.fireeye.com/blog/threat-research/2018/06/rig-ek-delivering-monero-miner-via-propagate-injection-technique.html
Published: 2018 06 28 16:00:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Article: Introducing Monitor.app for macOS - published about 7 years ago.
Content: UPDATE 2 (Oct. 24, 2018): Monitor.app now supports macOS 10.14. UPDATE (April 4, 2018): Monitor.app now supports macOS 10.13. As a malware analyst or systems programmer, having a suite of solid dynamic analysis tools is vital to being quick and effective. These tools enable us to understand malware capabilities and undocumented components of th...
http://www.fireeye.com/blog/threat-research/2017/03/introducing_monitor.html
Published: 2017 03 31 14:15:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Learn more about our products

Cyber Tzar Risk Impact Assesment

Article: FLARE Script Series: Automating Objective-C Code Analysis with Emulation - published over 5 years ago.
Content: This blog post is the next episode in the FireEye Labs Advanced Reverse Engineering (FLARE) team Script Series. Today, we are sharing a new IDAPython library – flare-emu – powered by IDA Pro and the Unicorn emulation framework that provides scriptable emulation features for the x86, x86_64, ARM, and ARM64 architectures to reverse engineers. Along ...
http://www.fireeye.com/blog/threat-research/2018/12/automating-objective-c-code-analysis-with-emulation.html
Published: 2018 12 12 17:30:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

View our available products

Article: Breaking the Bank: Weakness in Financial AI Applications - published about 5 years ago.
Content: Currently, threat actors possess limited access to the technology required to conduct disruptive operations against financial artificial intelligence (AI) systems and the risk of this targeting type remains low. However, there is a high risk of threat actors leveraging AI as part of disinformation campaigns to cause financial panic. As AI financial...
http://www.fireeye.com/blog/threat-research/2019/03/breaking-the-bank-weakness-in-financial-ai-applications.html
Published: 2019 03 13 16:00:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Article: Dissecting a NETWIRE Phishing Campaign's Usage of Process Hollowing - published about 5 years ago.
Content: Introduction Malware authors attempt to evade detection by executing their payload without having to write the executable file on the disk. One of the most commonly seen techniques of this "fileless" execution is code injection. Rather than executing the malware directly, attackers inject the malware code into the memory of another process that is...
http://www.fireeye.com/blog/threat-research/2019/03/dissecting-netwire-phishing-campaign-usage-of-process-hollowing.html
Published: 2019 03 15 16:00:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Re-Score Report

View our available products

Cyber Tzar Your Score Explained

Article: WinRAR Zero-day Abused in Multiple Campaigns - published about 5 years ago.
Content: WinRAR, an over 20-year-old file archival utility used by over 500 million users worldwide, recently acknowledged a long-standing vulnerability in its code-base. A recently published path traversal zero-day vulnerability, disclosed in CVE-2018-20250 by Check Point Research, enables attackers to specify arbitrary destinations during file extractio...
http://www.fireeye.com/blog/threat-research/2019/03/winrar-zero-day-abused-in-multiple-campaigns.html
Published: 2019 03 26 15:30:00
Received: 2021 11 04 01:00:13
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

View our product reports

Article: Spear Phishing Campaign Targets Ukraine Government and Military; Infrastructure Reveals Potential Link to So-Called Luhansk People's Republic - published about 5 years ago.
Content: In early 2019, FireEye Threat Intelligence identified a spear phishing email targeting government entities in Ukraine. The spear phishing email included a malicious LNK file with PowerShell script to download the second-stage payload from the command and control (C&C) server. The email was received by military departments in Ukraine and include...
http://www.fireeye.com/blog/threat-research/2019/04/spear-phishing-campaign-targets-ukraine-government.html
Published: 2019 04 16 07:00:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Article: FLARE Script Series: Automating Obfuscated String Decoding - published over 8 years ago.
Content: Introduction We are expanding our script series beyond IDA Pro. This post extends the FireEye Labs Advanced Reverse Engineering (FLARE) script series to an invaluable tool for the reverse engineer – the debugger. Just like IDA Pro, debuggers have scripting interfaces. For example, OllyDbg uses an asm-like scripting language, the Immunity debugger...
http://www.fireeye.com/blog/threat-research/2015/12/flare_script_series.html
Published: 2015 12 28 14:01:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

View our product reports

Cyber Tzar Risk Groups Explained

Article: FLARE IDA Pro Script Series: Simplifying Graphs in IDA - published over 6 years ago.
Content: Introduction We’re proud to release a new plug-in for IDA Pro users – SimplifyGraph – to help automate creation of groups of nodes in the IDA’s disassembly graph view. Code and binaries are available from the FireEye GitHub repo. Prior to this release we submitted it in the 2017 Hex-Rays plugin contest, where it placed third overall. My perso...
http://www.fireeye.com/blog/threat-research/2018/01/simplifying-graphs-in-ida.html
Published: 2018 01 11 16:45:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Our principles

Article: FLARE IDA Pro Script Series: Automating Function Argument Extraction - published over 8 years ago.
Content:
http://www.fireeye.com/blog/threat-research/2015/11/flare_ida_pro_script.html
Published: 2015 11 16 13:00:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Article: New FakeNet-NG Feature: Content-Based Protocol Detection - published over 6 years ago.
Content: I (Matthew Haigh) recently contributed to FLARE’s FakeNet-NG network simulator by adding content-based protocol detection and configuration. This feature is useful for analyzing malware that uses a protocol over a non-standard port; for example, HTTP over port 81. The new feature also detects and adapts to SSL so that any protocol can be used with ...
http://www.fireeye.com/blog/threat-research/2017/10/fakenet-content-based-protocol-detection.html
Published: 2017 10 23 15:15:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Our principles

Cyber Tzar Change Over Time (Extended)

Article: Cmd and Conquer: De-DOSfuscation with flare-qdb - published over 5 years ago.
Content: When Daniel Bohannon released his excellent DOSfuscation paper, I was fascinated to see how tricks I used as a systems engineer could help attackers evade detection. I didn’t have much to contribute to this conversation until I had to analyze a hideously obfuscated batch file as part of my job on the FLARE malware queue. Previously, I released fla...
http://www.fireeye.com/blog/threat-research/2018/11/cmd-and-conquer-de-dosfuscation-with-flare-qdb.html
Published: 2018 11 20 17:30:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Read our FAQ

Article: Loading Kernel Shellcode - published about 6 years ago.
Content: In the wake of recent hacking tool dumps, the FLARE team saw a spike in malware samples detonating kernel shellcode. Although most samples can be analyzed statically, the FLARE team sometimes debugs these samples to confirm specific functionality. Debugging can be an efficient way to get around packing or obfuscation and quickly identify the struct...
http://www.fireeye.com/blog/threat-research/2018/04/loading-kernel-shellcode.html
Published: 2018 04 23 15:00:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Introducing Linux Support for FakeNet-NG: FLARE’s Next Generation Dynamic Network Analysis Tool - published almost 7 years ago.
Content: Introduction In 2016, FLARE introduced FakeNet-NG, an open-source network analysis tool written in Python. FakeNet-NG allows security analysts to observe and interact with network applications using standard or custom protocols on a single Windows host, which is especially useful for malware analysis and reverse engineering. Since FakeNet-NG’s rel...
http://www.fireeye.com/blog/threat-research/2017/07/linux-support-for-fakenet-ng.html
Published: 2017 07 05 15:00:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Read our FAQ

Cyber Tzar Change Over Time (Extended)

Article: FLARE Script Series: Querying Dynamic State using the FireEye Labs Query-Oriented Debugger (flare-qdb) - published over 7 years ago.
Content: Introduction This post continues the FireEye Labs Advanced Reverse Engineering (FLARE) script series. Here, we introduce flare-qdb, a command-line utility and Python module based on vivisect for querying and altering dynamic binary state conveniently, iteratively, and at scale. flare-qdb works on Windows and Linux, and can be obtained from the flare...
http://www.fireeye.com/blog/threat-research/2017/01/flare_script_series.html
Published: 2017 01 04 14:02:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

How we calculate your Cyber Risk Score

Article: 2015 FLARE-ON Challenge Solutions - published over 8 years ago.
Content: The first few challenges narrowed the playing field drastically, with most serious contestants holding firm through challenges 4-9. The last two increased the difficulty level and proved a difficult final series of challenges for a well-earned finish line. The FLARE On Challenge always reaches a very wide international audience. Outside of the USA, ...
http://www.fireeye.com/blog/threat-research/2015/09/flare-on_challenges.html
Published: 2015 09 08 14:56:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Article: FLARE Script Series: flare-dbg Plug-ins - published about 8 years ago.
Content: Introduction This post continues the FireEye Labs Advanced Reverse Engineering (FLARE) script series. In this post, we continue to discuss the flare-dbg project. If you haven’t read my first post on using flare-dbg to automate string decoding, be sure to check it out! We created the flare-dbg Python project to support the creation of plug-ins ...
http://www.fireeye.com/blog/threat-research/2016/02/flare_script_series.html
Published: 2016 02 09 12:00:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

How we calculate your Cyber Risk Score

Cyber Tzar Change Over Time (Extended)

Article: Connecting the Dots: Syrian Malware Team Uses BlackWorm for Attacks - published over 9 years ago.
Content: The Syrian Electronic Army has made news for its recent attacks on major communications websites, Forbes, and an alleged attack on CENTCOM. While these attacks garnered public attention, the activities of another group - The Syrian Malware Team - have gone largely unnoticed. The group’s activities prompted us to take a closer look. We discovere...
http://www.fireeye.com/blog/threat-research/2014/08/connecting-the-dots-syrian-malware-team-uses-blackworm-for-attacks.html
Published: 2014 08 29 08:00:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Understand your Cyber Tzar Risk Groups

Article: Two Limited, Targeted Attacks; Two New Zero-Days - published over 9 years ago.
Content: The FireEye Labs team has identified two new zero-day vulnerabilities as part of limited, targeted attacks against some major corporations. Both zero-days exploit the Windows Kernel, with Microsoft assigning CVE-2014-4148 and CVE-2014-4113 to and addressing the vulnerabilities in their October 2014 Security Bulletin. FireEye Labs have identified...
http://www.fireeye.com/blog/threat-research/2014/10/two-targeted-attacks-two-new-zero-days.html
Published: 2014 10 14 14:46:54
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Article: iOS Masque Attack Revived: Bypassing Prompt for Trust and App URL Scheme Hijacking - published about 9 years ago.
Content: In November of last year, we uncovered a major flaw in iOS we dubbed “Masque Attack” that allowed for malicious apps to replace existing, legitimate ones on an iOS device via SMS, email, or web browsing. In total, we have notified Apple of five security issues related to four kinds of Masque Attacks. Today, we are sharing Masque Attack II in the ...
http://www.fireeye.com/blog/threat-research/2015/02/ios_masque_attackre.html
Published: 2015 02 19 19:00:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained

Understand your Cyber Tzar Risk Groups

Cyber Tzar Change Over Time (Extended)

Article: NitlovePOS: Another New POS Malware - published almost 9 years ago.
Content: There has been a proliferation of malware specifically designed to extract payment card information from Point-of-Sale (POS) systems over the last two years. In 2015, there have already been a variety of new POS malware identified including a new Alina variant, FighterPOS and Punkey. During our research into a widespread spam campaign, we dis...
http://www.fireeye.com/blog/threat-research/2015/05/nitlovepos_another.html
Published: 2015 05 23 18:05:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Using the Cyber Tzar platform; easy as 1, 2, 3, 4.

Article: Three New Masque Attacks against iOS: Demolishing, Breaking and Hijacking - published almost 9 years ago.
Content: In the recent release of iOS 8.4, Apple fixed several vulnerabilities including vulnerabilities that allow attackers to deploy two new kinds of Masque Attack (CVE-2015-3722/3725, and CVE-2015-3725). We call these exploits Manifest Masque and Extension Masque, which can be used to demolish apps, including system apps (e.g., Apple Watch, Health, Pay ...
http://www.fireeye.com/blog/threat-research/2015/06/three_new_masqueatt.html
Published: 2015 06 30 14:00:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Marketplace Benchmark

Article: XcodeGhost S: A New Breed Hits the US - published over 8 years ago.
Content: Just over a month ago, iOS users were warned of the threat to their devices by the XcodeGhost malware. Apple quickly reacted, taking down infected apps from the App Store and releasing new security features to stop malicious activities. Through continuous monitoring of our customers’ networks, FireEye researchers have found that, despite the quick ...
http://www.fireeye.com/blog/threat-research/2015/11/xcodeghost_s_a_new.html
Published: 2015 11 03 12:27:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Benchmark Summary

Using the Cyber Tzar platform; easy as 1, 2, 3, 4.

Cyber Tzar Change Over Time (Extended)

Article: Hot or Not? The Benefits and Risks of iOS Remote Hot Patching - published over 8 years ago.
Content: Introduction Apple has made a significant effort to build and maintain a healthy and clean app ecosystem. The essential contributing component to this status quo is the App Store, which is protected by a thorough vetting process that scrutinizes all submitted applications. While the process is intended to protect iOS users and ensure apps meet Ap...
http://www.fireeye.com/blog/threat-research/2016/01/hot_or_not_the_bene.html
Published: 2016 01 27 13:00:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Validation is required for our most comprehensive scans

Article: Locky is Back Asking for Unpaid Debts - published almost 8 years ago.
Content: On June 21, 2016, FireEye’s Dynamic Threat Intelligence (DTI) identified an increase in JavaScript contained within spam emails. FireEye analysts determined the increase was the result of a new Locky ransomware spam campaign. As shown in Figure 1, Locky spam activity was uninterrupted until June 1, 2016, when it stopped for nearly three weeks. Durin...
http://www.fireeye.com/blog/threat-research/2016/06/locky-is-back-and-asking-for-unpaid-debts.html
Published: 2016 06 24 17:30:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Basic)

Article: Rotten Apples: Apple-like Malicious Phishing Domains - published almost 8 years ago.
Content: At FireEye Labs we have an automated system designed to proactively detect newly registered malicious domains. This system observed some phishing domains registered in the first quarter of 2016 that were designed to appear as legitimate Apple domains. These phony Apple domains were involved in phishing attacks against Apple iCloud users in China an...
http://www.fireeye.com/blog/threat-research/2016/06/rotten_apples_apple.html
Published: 2016 06 07 12:00:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Port Vulnerability Scan Report

Validation is required for our most comprehensive scans

Cyber Tzar Change Over Time (Extended)

Article: Spear Phishing Techniques Used in Attacks Targeting the Mongolian Government - published about 7 years ago.
Content: Introduction FireEye recently observed a sophisticated campaign targeting individuals within the Mongolian government. Targeted individuals that enabled macros in a malicious Microsoft Word document may have been infected with Poison Ivy, a popular remote access tool (RAT) that has been used for nearly a decade for key logging, screen and video ca...
http://www.fireeye.com/blog/threat-research/2017/02/spear_phishing_techn.html
Published: 2017 02 22 14:45:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

The Cyber Tzar technology stack

Article: How the Rise of Cryptocurrencies Is Shaping the Cyber Crime Landscape: The Growth of Miners - published almost 6 years ago.
Content: Introduction Cyber criminals tend to favor cryptocurrencies because they provide a certain level of anonymity and can be easily monetized. This interest has increased in recent years, stemming far beyond the desire to simply use cryptocurrencies as a method of payment for illicit tools and services. Many actors have also attempted to capitalize on...
http://www.fireeye.com/blog/threat-research/2018/07/cryptocurrencies-cyber-crime-growth-of-miners.html
Published: 2018 07 18 14:00:00
Received: 2021 11 04 01:00:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Port Vulnerability Scan Report

Article: FLARE Script Series: Recovering Stackstrings Using Emulation with ironstrings - published about 5 years ago.
Content: This blog post continues our Script Series where the FireEye Labs Advanced Reverse Engineering (FLARE) team shares tools to aid the malware analysis community. Today, we release ironstrings: a new IDAPython script to recover stackstrings from malware. The script leverages code emulation to overcome this common string obfuscation technique. More preci...
http://www.fireeye.com/blog/threat-research/2019/02/recovering-stackstrings-using-emulation-with-ironstrings.html
Published: 2019 02 28 16:30:00
Received: 2021 11 04 01:00:10
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Port Vulnerability Scan Report

The Cyber Tzar technology stack

Cyber Tzar Re-Score Report

Article: Bypassing Antivirus for Your Antivirus Bypass - published over 5 years ago.
Content: Chances are you have heard about how easy it can be to evade antivirus. Often, this is because the signatures used by vendors are too simplistic and can be successfully duped without changing the functionality of the malware. Have you ever attempted to evade AV? Is it really that easy? In this blog post, I’ll show you how I adapted “malicious” (not...
http://www.fireeye.com/blog/threat-research/2018/09/bypassing-antivirus-for-your-antivirus-bypass.html
Published: 2018 09 13 23:00:00
Received: 2021 11 04 01:00:10
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Why Cyber Tzar?

Article: Update: 1768.py Version 0.0.9 - published over 2 years ago.
Content: This new version of 1768.py, my tool to decode Cobalt Strike beacon configs, brings proper decoding of malleable instructions. And the license ID statistics have been updated, and 3 new private RSA keys have been added. Fields 0x000b (Malleable_C2_Instructions), 0x000c (http_get_header) and 0x000d (http_post_header) contain instructions on how to tran...
https://blog.didierstevens.com/2021/11/04/update-1768-py-version-0-0-9/
Published: 2021 11 04 00:00:00
Received: 2021 11 04 00:06:02
Feed: Didier Stevens
Source: Didier Stevens
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Port Vulnerability Scan Report

Article: SynSaber appoints Mark Weatherford and Ali Golshan to its Advisory Board - published over 2 years ago.
Content:
https://www.helpnetsecurity.com/2021/11/04/synsaber-mark-weatherford-ali-golshan/
Published: 2021 11 03 23:15:28
Received: 2021 11 04 00:03:57
Feed: Help Net Security - News
Source: Help Net Security - News
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar SSL Certificate Health Check

Why Cyber Tzar?

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Talha Tariq joins Torq CISO Advisory Board - published over 2 years ago.
Content:
https://www.helpnetsecurity.com/2021/11/04/torq-talha-tariq/
Published: 2021 11 03 23:30:48
Received: 2021 11 04 00:03:57
Feed: Help Net Security - News
Source: Help Net Security - News
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar: Our Vision

Article: Nutanix names Dominick Delfino as CRO - published over 2 years ago.
Content:
https://www.helpnetsecurity.com/2021/11/04/nutanix-dominick-delfino/
Published: 2021 11 03 23:45:53
Received: 2021 11 04 00:03:57
Feed: Help Net Security - News
Source: Help Net Security - News
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar SSL Certificate Health Check

All Articles

Ordered by Date Received : Year: "2021" Month: "11" Day: "04"
Page: << < 7 (of 7)

Total Articles in this collection: 353

"All Articles" links back to the front page, effectivly the Planet "Home Page"; shows all articles, with no selections, or groupings.
Default date ordering is by "Received Date" (due to not all RSS feeds having a "Published Date").
Only Published Date selections use the articles Published Date.
The first page always shows fifty items plus from zero to up to a remaining forty-nine items, before they are commited permently to the next page.
All subsequent pages show fifty items.
Pagination is in reverse ordering (so that pages are permamenent links, aka "permalinks", to their content).
"<<" moves you to the first page (aka newest articles)
">>" moves you to the last page (aka oldest articles)
"<" moves you to the previous page (aka newer articles)
">" moves you to the next page (aka older articles)
Return to the top of this page Go Now

Ordered by Date Received : Year: "2021" Month: "11" Day: "04" Page: << < 7 (of 7)

Total Articles in this collection: 353

Ordered by Date Received : Year: "2021" Month: "11" Day: "04" Page: << < 7 (of 7)

Total Articles in this collection: 353

Navigation Help

Custom HTML Block

Ordered by Date Received : Year: "2021" Month: "11" Day: "04"
Page: << < 7 (of 7)

Ordered by Date Received : Year: "2021" Month: "11" Day: "04"
Page: << < 7 (of 7)