Article: 9 Smartphone Cybersecurity Tips You Should Know - published over 3 years ago. Content: https://latesthackingnews.com/2021/06/03/9-smartphone-cybersecurity-tips-you-should-know/ Published: 2021 06 03 14:57:43 Received: 2021 06 06 09:05:15 Feed: Latest Hacking News Source: Latest Hacking News Category: Cyber Security Topic: Cyber Security |
Article: Swedish Public Health Agency Disclosed Multiple Hacking Attempts - published over 3 years ago. Content: https://latesthackingnews.com/2021/06/04/swedish-public-health-agency-disclosed-multiple-hacking-attempts/ Published: 2021 06 04 09:00:25 Received: 2021 06 06 09:05:15 Feed: Latest Hacking News Source: Latest Hacking News Category: Cyber Security Topic: Cyber Security |
Article: FUJIFILM Shuts Down Operations Following Suspected Ransomware Attack - published over 3 years ago. Content: https://latesthackingnews.com/2021/06/04/fujifilm-shuts-down-operations-following-suspected-ransomware-attack/ Published: 2021 06 04 10:34:07 Received: 2021 06 06 09:05:15 Feed: Latest Hacking News Source: Latest Hacking News Category: Cyber Security Topic: Cyber Security |
Article: Exploiting System Shield AntiVirus Arbitrary Write Vulnerability using SeTakeOwnershipPrivilege - published almost 7 years ago. Content: A kernel vulnerability exists in an antivirus product called “System Shield AntiVirus and AntiSpyware” by Iolo Technologies. This is an arbitrary memory overwrite vulnerability due to the inputted buffer not being validated and has been assigned a CVE ID of CVE-2018-5701. The product version of “System Shield AntiVirus and AntiSpyware” tested on is 5.0.0.136... https://www.greyhathacker.net/?p=1006 Published: 2018 01 29 12:14:21 Received: 2021 06 06 09:05:13 Feed: GreyHatHacker.NET Source: GreyHatHacker.NET Category: Cyber Security Topic: Cyber Security |
Article: Exploiting STOPzilla AntiMalware Arbitrary Write Vulnerability using SeCreateTokenPrivilege - published about 6 years ago. Content: A couple of months ago I discovered 9 kernel vulnerabilities a security product called STOPzilla AntiMalware. It’s been over a month with no response from the vendor so I’m going public with this one. All of the vulnerabilities stem from output buffer address not being validated apart from ioctl 80002028 where the size of the output buffer is not validated. ... https://www.greyhathacker.net/?p=1025 Published: 2018 09 13 10:17:25 Received: 2021 06 06 09:05:13 Feed: GreyHatHacker.NET Source: GreyHatHacker.NET Category: Cyber Security Topic: Cyber Security |
Article: Dokany/Google Drive File Stream Kernel Stack-based Buffer Overflow Vulnerability - published almost 6 years ago. Content: Last November I reported a kernel vulnerability to CERT/CC for their help in coordinating the disclosure as it impacted dozens of vendors including Google Drive File Stream (GDFS). The vulnerability was a stack-based buffer overflow in Dokany’s kernel mode file system driver and has been assigned cve id of CVE-2018-5410. With Dokany you can create your own v... https://www.greyhathacker.net/?p=1041 Published: 2019 01 14 17:07:01 Received: 2021 06 06 09:05:13 Feed: GreyHatHacker.NET Source: GreyHatHacker.NET Category: Cyber Security Topic: Cyber Security |
Article: Mac Hack Demonstration Content: https://www.f-secure.com/weblog/archives/00002812.html Published: : Received: 2021 06 06 09:05:12 Feed: F-Secure Antivirus Research Weblog Source: F-Secure Antivirus Research Weblog Category: Cyber Security Topic: Cyber Security |
Article: Ransomware Spam E-Mails Targeting Users in Italy and Spain Content: https://www.f-secure.com/weblog/archives/00002813.html Published: : Received: 2021 06 06 09:05:12 Feed: F-Secure Antivirus Research Weblog Source: F-Secure Antivirus Research Weblog Category: Cyber Security Topic: Cyber Security |
Article: SMS Exploit Messages Content: https://www.f-secure.com/weblog/archives/00002814.html Published: : Received: 2021 06 06 09:05:12 Feed: F-Secure Antivirus Research Weblog Source: F-Secure Antivirus Research Weblog Category: Cyber Security Topic: Cyber Security |
Article: Found Item: UK Wi-Fi Law? Content: https://www.f-secure.com/weblog/archives/00002815.html Published: : Received: 2021 06 06 09:05:12 Feed: F-Secure Antivirus Research Weblog Source: F-Secure Antivirus Research Weblog Category: Cyber Security Topic: Cyber Security |
Article: Problematic Wassenaar Definitions Content: https://www.f-secure.com/weblog/archives/00002816.html Published: : Received: 2021 06 06 09:05:12 Feed: F-Secure Antivirus Research Weblog Source: F-Secure Antivirus Research Weblog Category: Cyber Security Topic: Cyber Security |
Article: The Trusted Internet: Who governs who gets to buy spyware from surveillance software companies? Content: https://www.f-secure.com/weblog/archives/00002818.html Published: : Received: 2021 06 06 09:05:12 Feed: F-Secure Antivirus Research Weblog Source: F-Secure Antivirus Research Weblog Category: Cyber Security Topic: Cyber Security |
Article: Hacking Team 0-day Flash Wave with Exploit Kits Content: https://www.f-secure.com/weblog/archives/00002819.html Published: : Received: 2021 06 06 09:05:12 Feed: F-Secure Antivirus Research Weblog Source: F-Secure Antivirus Research Weblog Category: Cyber Security Topic: Cyber Security |
Article: IOS Crash Report: Blocking "Pop-Ups" Doesn't Really Help Content: https://www.f-secure.com/weblog/archives/00002820.html Published: : Received: 2021 06 06 09:05:12 Feed: F-Secure Antivirus Research Weblog Source: F-Secure Antivirus Research Weblog Category: Cyber Security Topic: Cyber Security |
Article: 'Zero Days', The Documentary Content: https://www.f-secure.com/weblog/archives/00002821.html Published: : Received: 2021 06 06 09:05:12 Feed: F-Secure Antivirus Research Weblog Source: F-Secure Antivirus Research Weblog Category: Cyber Security Topic: Cyber Security |
Article: Duke APT group's latest tools: cloud services and Linux support Content: https://www.f-secure.com/weblog/archives/00002822.html Published: : Received: 2021 06 06 09:05:12 Feed: F-Secure Antivirus Research Weblog Source: F-Secure Antivirus Research Weblog Category: Cyber Security Topic: Cyber Security |
Article: "IOS Crash Report" Update: Safari Adds Block Feature Content: https://www.f-secure.com/weblog/archives/00002823.html Published: : Received: 2021 06 06 09:05:12 Feed: F-Secure Antivirus Research Weblog Source: F-Secure Antivirus Research Weblog Category: Cyber Security Topic: Cyber Security |
Article: Work In Progress Content: https://www.f-secure.com/weblog/archives/00002824.html Published: : Received: 2021 06 06 09:05:12 Feed: F-Secure Antivirus Research Weblog Source: F-Secure Antivirus Research Weblog Category: Cyber Security Topic: Cyber Security |
Article: Soon� Content: https://www.f-secure.com/weblog/archives/00002826.html Published: : Received: 2021 06 06 09:05:12 Feed: F-Secure Antivirus Research Weblog Source: F-Secure Antivirus Research Weblog Category: Cyber Security Topic: Cyber Security |
Article: Did It Execute? - published about 11 years ago. Content: You found a malicious executable! Now you've got a crucial question to answer: did the file execute? We'll discuss a few sources of evidence you can use to answer this question. In this post, we will focus on static or "dead drive" forensics on Windows systems. We will cover four main sources of evidence: Windows Prefetch, Registry, Lo... http://www.fireeye.com/blog/threat-research/2013/08/execute.html Published: 2013 08 27 22:26:05 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Back to Basics Series: OpenIOC - published about 11 years ago. Content: Over the next few months, a few of my colleagues and I will be touching on various topics related to Mandiant and computer security. As part of this series, we are going to be talking about OpenIOC - how we got where we are today, how to make and use IOCs, and the future of OpenIOC. This topic can't be rolled into a single blog p... http://www.fireeye.com/blog/threat-research/2013/09/basics-series-openioc.html Published: 2013 09 12 19:33:56 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: How Will I Fill This Web Historian-Shaped Hole in My Heart? - published about 11 years ago. Content: With the recent integration of Mandiant Web Historian™ into Mandiant Redline™, you may be asking "How do I review my Web History using Redline?" If so, then follow along as I explain how to collect and review web history data in Redline - with a focus on areas where the workflow and features differ from that of Web Historian. For tho... http://www.fireeye.com/blog/threat-research/2013/09/fill-web-historianshaped-hole-heart.html Published: 2013 09 19 01:11:32 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: OpenIOC: Back to the Basics - published about 11 years ago. Content: Written by Will Gibb & Devon Kerr One challenge investigators face during incident response is finding a way to organize information about an attackers' activity, utilities, malware and other indicators of compromise, called IOCs. The OpenIOC format addresses this challenge head-on. OpenIOC provides a standard format and terms... http://www.fireeye.com/blog/threat-research/2013/10/openioc-basics.html Published: 2013 10 01 18:45:52 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Best of the Best in 2013: The Armory - published almost 11 years ago. Content: Everyone likes something for free. And there is no better place to go to get free analysis, intelligence and tools than The Armory on M-Unition. During the past year, we've offered intelligence and analysis on new threat activity, sponsored open source projects and offered insight on free tools like Redline™, all of which has been high... http://www.fireeye.com/blog/threat-research/2013/12/2013-armory.html Published: 2013 12 20 21:48:44 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: OpenIOC Series: Investigating with Indicators of Compromise (IOCs) – Part I - published almost 11 years ago. Content: Written by Devon Kerr & Will Gibb The Back to Basics: OpenIOC blog series previously discussed how Indicators of Compromise (IOCs) can be used to codify information about malware or utilities and describe an attacker's methodology. Also touched on were the parts of an IOC, such as the metadata, references, and definition sec... http://www.fireeye.com/blog/threat-research/2013/12/openioc-series-investigating-indicators-compromise-iocs.html Published: 2013 12 16 20:58:10 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Investigating with Indicators of Compromise (IOCs) – Part II - published over 10 years ago. Content: Written by Will Gibb & Devon Kerr In our blog post "Investigating with Indicators of Compromise (IOCs) - Part I," we presented a scenario involving the "Acme Widgets Co.," a company investigating an intrusion, and its incident responder, John. John's next objective is to examine the system "ACMWH-KIOSK" for evidence of... http://www.fireeye.com/blog/threat-research/2014/03/investigating-indicators-compromise-iocs-part-ii.html Published: 2014 03 06 01:42:20 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: New Tactics. New Motives. New Services. - published about 10 years ago. Content: Every day at Mandiant we respond to some of the largest cyber security incidents around the world. This gives us a front-row seat to witness what works (and what doesn't) when it comes to finding attackers and preventing them from stealing our clients' data. Attackers' tactics and motives are evolving and as a result our security strat... http://www.fireeye.com/blog/threat-research/2014/10/tactics-motives-services.html Published: 2014 10 08 19:16:51 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Executive Briefing in New York with Former Secretary of Homeland Security Michael Chertoff - published over 12 years ago. Content: On March 15, Mandiant hosted an executive briefing over breakfast in New York City. The location in the W Hotel in Downtown NYC overlooked the 9/11 Memorial and the rising One World Trade Center-an arresting view and a unique setting for this event. Former Secretary of Homeland Security Michael Chertoff kicked off the morning by discus... http://www.fireeye.com/blog/threat-research/2012/04/executive-briefing-york-secretary-homeland-security.html Published: 2012 04 02 22:17:49 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: M-Trends #1: Malware Only Tells Half the Story - published over 12 years ago. Content: When I joined Mandiant earlier this year, I was given the opportunity to help write our annual M-Trends report. This is the third year Mandiant has published the report, which is a summary of the trends we've observed in our investigations over the last twelve months. I remember reading Mandiant's first M-Trends report when it ca... http://www.fireeye.com/blog/threat-research/2012/05/mtrends-1-malware-tells-story.html Published: 2012 05 14 20:45:15 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Incident Response with NTFS INDX Buffers – Part 1: Extracting an INDX Attribute - published about 12 years ago. Content: By William Ballenthin & Jeff Hamm On August 30, 2012, we presented a webinar on how to use INDX buffers to assist in an incident response investigation. During the Q&A portion of the webinar we received many questions; however, we were not able to answer all of them. We're going to attempt to answer the remaining question... http://www.fireeye.com/blog/threat-research/2012/09/striking-gold-incident-response-ntfs-indx-buffers-part-1.html Published: 2012 09 18 23:23:24 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Utilities Industry in the Cyber Targeting Scope - published over 11 years ago. Content: There's often a lot of rhetoric in the press and in the security community around threats to the utilities industry, and risk exposure surrounding critical infrastructure. We've determined that the utilities industry (power, water, waste) has been, and likely will continue to be, a target for cyber espionage primarily from Chinese APT ... http://www.fireeye.com/blog/threat-research/2013/06/utilities-industry-cyber-targeting-scope.html Published: 2013 06 17 20:40:56 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: The History of OpenIOC - published about 11 years ago. Content: With the buzz in the security industry this year about sharing threat intelligence, it's easy to get caught up in the hype, and believe that proper, effective sharing of Indicators or Intelligence is something that can just be purchased along with goods or services from any security vendor. It's really a much more complex problem than ... http://www.fireeye.com/blog/threat-research/2013/09/history-openioc.html Published: 2013 09 17 23:36:51 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Leveraging the Power of Solutions and Intelligence - published almost 11 years ago. Content: Welcome to my first post as a FireEye™ employee! Many of you have asked me what I think of FireEye's acquisition of Mandiant. One of the aspects of the new company that I find most exciting is our increased threat intelligence capabilities. This post will briefly explore what that means for our customers, prospects, and the public. By it... http://www.fireeye.com/blog/threat-research/2014/01/leveraging-power-solutions-intelligence.html Published: 2014 01 27 20:40:15 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Citrix XenApp and XenDesktop Hardening Guidance - published over 8 years ago. Content: A Joint Whitepaper from Mandiant and Citrix Throughout the course of Mandiant’s Red Team and Incident Response engagements, we frequently identify a wide array of misconfigured technology solutions, including Citrix XenApp and XenDesktop. We often see attackers leveraging stolen credentials from third parties, accessing Citrix solutions, breaking... http://www.fireeye.com/blog/threat-research/2016/03/citrix_xenapp_andxe.html Published: 2016 03 15 12:00:00 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Kerberos Tickets on Linux Red Teams - published over 4 years ago. Content: At FireEye Mandiant, we conduct numerous red team engagements within Windows Active Directory environments. Consequently, we frequently encounter Linux systems integrated within Active Directory environments. Compromising an individual domain-joined Linux system can provide useful data on its own, but the best value is obtaining data, such as Ker... http://www.fireeye.com/blog/threat-research/2020/04/kerberos-tickets-on-linux-red-teams.html Published: 2020 04 01 16:00:00 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: The Five W’s of Penetration Testing - published about 10 years ago. Content: Often in discussions with customers and potential customers, questions arise about our penetration testing services, as well as penetration testing in general. In this post, we want to walk through Mandiant's take on the five W's of penetration testing, in hopes of helping those of you who many have some of these same questions. Fo... http://www.fireeye.com/blog/threat-research/2014/09/ws-penetration-testing.html Published: 2014 09 16 20:49:32 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Connected Cars: The Open Road for Hackers - published over 8 years ago. Content: As vehicles become both increasingly complex and better connected to the Internet, their newfound versatility may be manipulated for malicious purposes. Three of the most concerning potential threats looking ahead to the next few years are those posed by manipulating vehicle operation, ransomware and using vehicular systems as command ... http://www.fireeye.com/blog/threat-research/2016/06/connected_cars_the.html Published: 2016 06 10 14:00:00 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Critical Infrastructure Beyond the Power Grid - published about 11 years ago. Content: The term "critical infrastructure" has earned its spot on the board of our ongoing game of cyber bingo--right next to "Digital Pearl Harbor," "Cyber 9/11," "SCADA" and "Stuxnet." With "critical infrastructure" thrown about in references to cyber threats nearly every week, we thought it was time for a closer look at just what the te... http://www.fireeye.com/blog/threat-research/2013/11/critical-infrastructure-power-grid.html Published: 2013 11 19 21:26:40 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Havex, It’s Down With OPC - published over 10 years ago. Content: FireEye recently analyzed the capabilities of a variant of Havex (referred to by FireEye as “Fertger” or “PEACEPIPE”), the first publicized malware reported to actively scan OPC servers used for controlling SCADA (Supervisory Control and Data Acquisition) devices in critical infrastructure (e.g., water and electric utilities), energy, and manufactu... http://www.fireeye.com/blog/threat-research/2014/07/havex-its-down-with-opc.html Published: 2014 07 17 14:00:00 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: IRONGATE ICS Malware: Nothing to See Here...Masking Malicious Activity on SCADA Systems - published over 8 years ago. Content: In the latter half of 2015, the FireEye Labs Advanced Reverse Engineering (FLARE) team identified several versions of an ICS-focused malware crafted to manipulate a specific industrial process running within a simulated Siemens control system environment. We named this family of malware IRONGATE. FLARE found the samples on VirusTotal while researchi... http://www.fireeye.com/blog/threat-research/2016/06/irongate_ics_malware.html Published: 2016 06 02 12:00:00 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Overload: Critical Lessons from 15 Years of ICS Vulnerabilities - published over 8 years ago. Content: In the past several years, a flood of vulnerabilities has hit industrial control systems (ICS) – the technological backbone of electric grids, water supplies, and production lines. These vulnerabilities affect the reliable operation of sensors, programmable controllers, software and networking equipment used to automate and monitor the physi... http://www.fireeye.com/blog/threat-research/2016/08/overload-critical-lessons-from-15-years-of-ics-vulnerabilities.html Published: 2016 08 03 12:00:00 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: What About the Plant Floor? Six Subversive Concerns for ICS Environments - published over 7 years ago. Content: Industrial enterprises such as electric utilities, petroleum companies, and manufacturing organizations invest heavily in industrial control systems (ICS) to efficiently, reliably, and safely operate industrial processes. Without this technology operating the plant floor, these businesses cannot exist. Board members, executives, and security offic... http://www.fireeye.com/blog/threat-research/2017/04/six-subversive-concerns-for-ics-environments.html Published: 2017 04 12 12:00:00 Received: 2021 06 06 09:05:12 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Attackers Deploy New ICS Attack Framework “TRITON” and Cause Operational Disruption to Critical Infrastructure - published almost 7 years ago. Content: Introduction Mandiant recently responded to an incident at a critical infrastructure organization where an attacker deployed malware designed to manipulate industrial safety systems. The targeted systems provided emergency shutdown capability for industrial processes. We assess with moderate confidence that the attacker was developing the capab... http://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html Published: 2017 12 14 15:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Rotten Apples: Resurgence - published about 8 years ago. Content: In June 2016, we published a blog about a phishing campaign targeting the Apple IDs and passwords of Chinese Apple users that emerged in the first quarter of 2016 (referred to as the “Zycode” phishing campaign). At FireEye Labs we have an automated system designed to proactively detect newly registered malicious domains and this system had observed ... http://www.fireeye.com/blog/threat-research/2016/10/rotten_apples_resur.html Published: 2016 10 20 12:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: ‘One-Stop Shop’ – Phishing Domain Targets Information from Customers of Several Indian Banks - published almost 8 years ago. Content: FireEye Labs recently discovered a malicious phishing domain designed to steal a variety of information – including credentials and mobile numbers – from customers of several banks in India. Currently, we have not observed this domain being used in any campaigns. The phishing websites appear to be in the earlier stages of development and through th... http://www.fireeye.com/blog/threat-research/2016/11/one-stop-shop-phishing-domain.html Published: 2016 11 30 17:13:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Credit Card Data and Other Information Targeted in Netflix Phishing Campaign - published almost 8 years ago. Content: Introduction Through FireEye’s Email Threat Prevention (ETP) solution, FireEye Labs discovered a phishing campaign in the wild targeting the credit card data and other personal information of Netflix users primarily based in the United States. This campaign is interesting because of the evasion techniques that were used by the attackers: The phis... http://www.fireeye.com/blog/threat-research/2017/01/credit_card_dataand.html Published: 2017 01 09 16:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Another Darkleech Campaign - published about 11 years ago. Content: Last week got us up close and personal with Darkleech and Blackhole with our external careers web site. The fun didn’t end there, this week we saw a tidal wave of Darkleech activity linked to a large-scale malvertising campaign identified by the following URL: hXXp://delivery[.]globalcdnnode[.]com/7f01baa99716452bda5bba0572c58be9/afr-zone.php Again ... http://www.fireeye.com/blog/threat-research/2013/10/another-darkleech-campaign.html Published: 2013 10 03 17:23:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Cerber: Analyzing a Ransomware Attack Methodology To Enable Protection - published over 8 years ago. Content: Ransomware is a common method of cyber extortion for financial gain that typically involves users being unable to interact with their files, applications or systems until a ransom is paid. Accessibility of cryptocurrency such as Bitcoin has directly contributed to this ransomware model. Based on data from FireEye Dynamic Threat Intelligence (DTI), ... http://www.fireeye.com/blog/threat-research/2016/07/cerber-ransomware-attack.html Published: 2016 07 18 12:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Using Real-Time Events in Investigations - published over 4 years ago. Content: To understand what a threat actor did on a Windows system, analysts often turn to the tried and true sources of historical endpoint artifacts such as the Master File Table (MFT), registry hives, and Application Compatibility Cache (AppCompat). However, these evidence sources were not designed with detection or incident response in mind; crucial det... http://www.fireeye.com/blog/threat-research/2020/05/using-real-time-events-in-investigations.html Published: 2020 05 14 15:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: The 2013 FireEye Advanced Threat Report! - published over 10 years ago. Content: FireEye has just released its 2013 Advanced Threat Report (ATR), which provides a high-level overview of the computer network attacks that FireEye discovered last year. In this ATR, we focused almost exclusively on a small, but very important subset of our overall data analysis – the advanced persistent threat (APT). APTs, due to their organization... http://www.fireeye.com/blog/threat-research/2014/02/the-2013-fireeye-advanced-threat-report.html Published: 2014 02 27 14:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: A Not-So Civic Duty: Asprox Botnet Campaign Spreads Court Dates and Malware - published over 10 years ago. Content: Executive Summary FireEye Labs has been tracking a recent spike in malicious email detections that we attribute to a campaign that began in 2013. While malicious email campaigns are nothing new, this one is significant in that we are observing mass-targeting attackers adopting the malware evasion methods pioneered by the stealthier APT attackers.... http://www.fireeye.com/blog/threat-research/2014/06/a-not-so-civic-duty-asprox-botnet-campaign-spreads-court-dates-and-malware.html Published: 2014 06 16 14:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Operation RussianDoll: Adobe & Windows Zero-Day Exploits Likely Leveraged by Russia’s APT28 in Highly-Targeted Attack - published over 9 years ago. Content: FireEye Labs recently detected a limited APT campaign exploiting zero-day vulnerabilities in Adobe Flash and a brand-new one in Microsoft Windows. Using the Dynamic Threat Intelligence Cloud (DTI), FireEye researchers detected a pattern of attacks beginning on April 13th, 2015. Adobe independently patched the vulnerability (CVE-2015-3043) in ... http://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html Published: 2015 04 18 16:10:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Insights into Iranian Cyber Espionage: APT33 Targets Aerospace and Energy Sectors and has Ties to Destructive Malware - published about 7 years ago. Content: When discussing suspected Middle Eastern hacker groups with destructive capabilities, many automatically think of the suspected Iranian group that previously used SHAMOON – aka Disttrack – to target organizations in the Persian Gulf. However, over the past few years, we have been tracking a separate, less widely known suspected Iranian group with... http://www.fireeye.com/blog/threat-research/2017/09/apt33-insights-into-iranian-cyber-espionage.html Published: 2017 09 20 14:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Excelerating Analysis, Part 2 — X[LOOKUP] Gon’ Pivot To Ya - published over 4 years ago. Content: In December 2019, we published a blog post on augmenting analysis using Microsoft Excel for various data sets for incident response investigations. As we described, investigations often include custom or proprietary log formats and miscellaneous, non-traditional forensic artifacts. There are, of course, a variety of ways to tackle this task, but ... http://www.fireeye.com/blog/threat-research/2020/04/excelerating-analysis-lookup-pivot.html Published: 2020 04 28 17:30:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Think Fast: Time Between Disclosure, Patch Release and Vulnerability Exploitation — Intelligence for Vulnerability Management, Part Two - published over 4 years ago. Content: One of the critical strategic and tactical roles that cyber threat intelligence (CTI) plays is in the tracking, analysis, and prioritization of software vulnerabilities that could potentially put an organization’s data, employees and customers at risk. In this four-part blog series, FireEye Mandiant Threat Intelligence highlights the... http://www.fireeye.com/blog/threat-research/2020/04/time-between-disclosure-patch-release-and-vulnerability-exploitation.html Published: 2020 04 13 12:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Zero-Day Exploitation Increasingly Demonstrates Access to Money, Rather than Skill — Intelligence for Vulnerability Management, Part One - published over 4 years ago. Content: One of the critical strategic and tactical roles that cyber threat intelligence (CTI) plays is in the tracking, analysis, and prioritization of software vulnerabilities that could potentially put an organization’s data, employees and customers at risk. In this four-part blog series, FireEye Mandiant Threat Intelligence highlights the... http://www.fireeye.com/blog/threat-research/2020/04/zero-day-exploitation-demonstrates-access-to-money-not-skill.html Published: 2020 04 06 12:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents - published over 4 years ago. Content: Targeted ransomware incidents have brought a threat of disruptive and destructive attacks to organizations across industries and geographies. FireEye Mandiant Threat Intelligence has previously documented this threat in our investigations of trends across ransomware incidents, FIN6 activity, implications for OT networks, and other aspects... http://www.fireeye.com/blog/threat-research/2020/05/tactics-techniques-procedures-associated-with-maze-ransomware-incidents.html Published: 2020 05 07 23:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Ransomware Against the Machine: How Adversaries are Learning to Disrupt Industrial Production by Targeting IT and OT - published almost 5 years ago. Content: Since at least 2017, there has been a significant increase in public disclosures of ransomware incidents impacting industrial production and critical infrastructure organizations. Well-known ransomware families like WannaCry, LockerGoga, MegaCortex, Ryuk, Maze, and now SNAKEHOSE (a.k.a. Snake / Ekans), have cost victims across a variety of industry... http://www.fireeye.com/blog/threat-research/2020/02/ransomware-against-machine-learning-to-disrupt-industrial-production.html Published: 2020 02 24 23:30:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: This Is Not a Test: APT41 Initiates Global Intrusion Campaign Using Multiple Exploits - published over 4 years ago. Content: Beginning this year, FireEye observed Chinese actor APT41 carry out one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years. Between January 20 and March 11, FireEye observed APT41 attempt to exploit vulnerabilities in Citrix NetScaler/ADC, Cisco routers, and Zoho ManageEngine Desktop Central at over 75... http://www.fireeye.com/blog/threat-research/2020/03/apt41-initiates-global-intrusion-campaign-using-multiple-exploits.html Published: 2020 03 25 12:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: It’s Your Money and They Want It Now — The Cycle of Adversary Pursuit - published over 4 years ago. Content: When we discover new intrusions, we ask ourselves questions that will help us understand the totality of the activity set. How common is this activity? Is there anything unique or special about this malware or campaign? What is new and what is old in terms of TTPs or infrastructure? Is this being seen anywhere else? What information do I have that s... http://www.fireeye.com/blog/threat-research/2020/03/the-cycle-of-adversary-pursuit.html Published: 2020 03 31 15:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: SCANdalous! (External Detection Using Network Scan Data and Automation) - published over 4 years ago. Content: Real Quick In case you’re thrown by that fantastic title, our lawyers made us change the name of this project so we wouldn’t get sued. SCANdalous—a.k.a. Scannah Montana a.k.a. Scanny McScanface a.k.a. “Scan I Kick It? (Yes You Scan)”—had another name before today that, for legal reasons, we’re keeping to ourselves. A special thanks to our legal te... http://www.fireeye.com/blog/threat-research/2020/07/scandalous-external-detection-using-network-scan-data-and-automation.html Published: 2020 07 13 18:30:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: 'Ghostwriter' Influence Campaign: Unknown Actors Leverage Website Compromises and Fabricated Content to Push Narratives Aligned With Russian Security Interests - published over 4 years ago. Content: Mandiant Threat Intelligence has tied together several information operations that we assess with moderate confidence comprise part of a broader influence campaign—ongoing since at least March 2017—aligned with Russian security interests. The operations have primarily targeted audiences in Lithuania, Latvia, and Poland with narratives critical of t... http://www.fireeye.com/blog/threat-research/2020/07/ghostwriter-influence-campaign.html Published: 2020 07 29 02:15:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Obscured by Clouds: Insights into Office 365 Attacks and How Mandiant Managed Defense Investigates - published over 4 years ago. Content: With Business Email Compromises (BECs) showing no signs of slowing down, it is becoming increasingly important for security analysts to understand Office 365 (O365) breaches and how to properly investigate them. This blog post is for those who have yet to dip their toes into the waters of an O365 BEC, providing a crash course on Microsoft’s cloud... http://www.fireeye.com/blog/threat-research/2020/07/insights-into-office-365-attacks-and-how-managed-defense-investigates.html Published: 2020 07 30 19:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Announcing the Seventh Annual Flare-On Challenge - published over 4 years ago. Content: The Front Line Applied Research & Expertise (FLARE) team is honored to announce that the popular Flare-On challenge will return for a triumphant seventh year. Ongoing global events proved no match against our passion for creating challenging and fun puzzles to test and hone the skills of aspiring and experienced reverse engineers. The conte... http://www.fireeye.com/blog/threat-research/2020/08/announcing-the-seventh-annual-flare-on-challenge.html Published: 2020 08 04 15:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Repurposing Neural Networks to Generate Synthetic Media for Information Operations - published over 4 years ago. Content: FireEye’s Data Science and Information Operations Analysis teams released this blog post to coincide with our Black Hat USA 2020 Briefing, which details how open source, pre-trained neural networks can be leveraged to generate synthetic media for malicious purposes. To summarize our presentation, we first demonstrate three successive proof of con... http://www.fireeye.com/blog/threat-research/2020/08/repurposing-neural-networks-to-generate-synthetic-media-for-information-operations.html Published: 2020 08 05 18:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Analyzing Dark Crystal RAT, a C# Backdoor - published over 4 years ago. Content: The FireEye Mandiant Threat Intelligence Team helps protect our customers by tracking cyber attackers and the malware they use. The FLARE Team helps augment our threat intelligence by reverse engineering malware samples. Recently, FLARE worked on a new C# variant of Dark Crystal RAT (DCRat) that the threat intel team passed to us. We reviewed ope... http://www.fireeye.com/blog/threat-research/2020/05/analyzing-dark-crystal-rat-backdoor.html Published: 2020 05 12 14:30:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Bypassing MassLogger Anti-Analysis — a Man-in-the-Middle Approach - published over 4 years ago. Content: The FireEye Front Line Applied Research & Expertise (FLARE) Team attempts to always stay on top of the most current and emerging threats. As a member of the FLARE Reverse Engineer team, I recently received a request to analyze a fairly new credential stealer identified as MassLogger. Despite the lack of novel functionalities and features, this ... http://www.fireeye.com/blog/threat-research/2020/08/bypassing-masslogger-anti-analysis-man-in-the-middle-approach.html Published: 2020 08 06 19:15:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: A Hands-On Introduction to Mandiant's Approach to OT Red Teaming - published over 4 years ago. Content: Operational technology (OT) asset owners have historically considered red teaming of OT and industrial control system (ICS) networks to be too risky due to the potential for disruptions or adverse impact to production systems. While this mindset has remained largely unchanged for years, Mandiant's experience in the field suggests that these perspec... http://www.fireeye.com/blog/threat-research/2020/08/hands-on-introduction-to-mandiant-approach-to-ot-red-teaming.html Published: 2020 08 25 09:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Emulation of Malicious Shellcode With Speakeasy - published over 4 years ago. Content: In order to enable emulation of malware samples at scale, we have developed the Speakeasy emulation framework. Speakeasy aims to make it as easy as possible for users who are not malware analysts to acquire triage reports in an automated way, as well as enabling reverse engineers to write custom plugins to triage difficult malware families. Orig... http://www.fireeye.com/blog/threat-research/2020/08/emulation-of-malicious-shellcode-with-speakeasy.html Published: 2020 08 26 15:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: A "DFUR-ent" Perspective on Threat Modeling and Application Log Forensic Analysis - published about 4 years ago. Content: Many organizations operating in e-commerce, hospitality, healthcare, managed services, and other service industries rely on web applications. And buried within the application logs may be the potential discovery of fraudulent use and/or compromise! But, let's face it, finding evil in application logs can be difficult and overwhelming for a few reas... http://www.fireeye.com/blog/threat-research/2020/09/dfur-ent-perspective-on-threat-modeling-and-application-log-forensic-analysis.html Published: 2020 09 14 16:30:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: APT41: A Dual Espionage and Cyber Crime Operation - published over 5 years ago. Content: Today, FireEye Intelligence is releasing a comprehensive report detailing APT41, a prolific Chinese cyber threat group that carries out state-sponsored espionage activity in parallel with financially motivated operations. APT41 is unique among tracked China-based actors in that it leverages non-public malware typically reserved for espionage campai... http://www.fireeye.com/blog/threat-research/2019/08/apt41-dual-espionage-and-cyber-crime-operation.html Published: 2019 08 07 12:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Fuzzing Image Parsing in Windows, Part One: Color Profiles - published about 4 years ago. Content: Image parsing and rendering are basic features of any modern operating system (OS). Image parsing is an easily accessible attack surface, and a vulnerability that may lead to remote code execution or information disclosure in such a feature is valuable to attackers. In this multi-part blog series, I am reviewing Windows OS’ built-in image parsers a... http://www.fireeye.com/blog/threat-research/2020/09/fuzzing-image-parsing-in-windows-color-profiles.html Published: 2020 09 24 15:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Detecting Microsoft 365 and Azure Active Directory Backdoors - published about 4 years ago. Content: Mandiant has seen an uptick in incidents involving Microsoft 365 (M365) and Azure Active Directory (Azure AD). Most of these incidents are the result of a phishing email coercing a user to enter their credentials used for accessing M365 into a phishing site. Other incidents have been a result of password spraying, password stuffing, or simple brute... http://www.fireeye.com/blog/threat-research/2020/09/detecting-microsoft-365-azure-active-directory-backdoors.html Published: 2020 09 30 16:45:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: FIN11: Widespread Email Campaigns as Precursor for Ransomware and Data Theft - published about 4 years ago. Content: Mandiant Threat Intelligence recently promoted a threat cluster to a named FIN (or financially motivated) threat group for the first time since 2017. We have detailed FIN11's various tactics, techniques and procedures in a report that is available now by signing up for Mandiant Advantage Free. In some ways, FIN11 is reminiscent of APT1; they are n... http://www.fireeye.com/blog/threat-research/2020/10/fin11-email-campaigns-precursor-for-ransomware-data-theft.html Published: 2020 10 14 12:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Flare-On 7 Challenge Solutions - published about 4 years ago. Content: We are thrilled to announce the conclusion of the seventh annual Flare-On challenge. This year proved to be the most difficult challenge we’ve produced, with the lowest rate of finishers. This year’s winners are truly the elite of the elite! Lucky for them, all 260 winners will receive this cyberpunk metal key. We would like to thank the challe... http://www.fireeye.com/blog/threat-research/2020/10/flare-on-7-challenge-solutions.html Published: 2020 10 24 00:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Welcome to ThreatPursuit VM: A Threat Intelligence and Hunting Virtual Machine - published about 4 years ago. Content: Skilled adversaries can deceive detection and often employ new measures in their tradecraft. Keeping a stringent focus on the lifecycle and evolution of adversaries allows analysts to devise new detection mechanisms and response processes. Access to the appropriate tooling and resources is critical to discover these threats within a timely and a... http://www.fireeye.com/blog/threat-research/2020/10/threatpursuit-vm-threat-intelligence-and-hunting-virtual-machine.html Published: 2020 10 28 15:30:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Ransomware Protection and Containment Strategies: Practical Guidance for Endpoint Protection, Hardening, and Containment - published about 5 years ago. Content: UPDATE (Oct. 30, 2020): We have updated the report to include additional protection and containment strategies based on front-line visibility and response efforts in combating ransomware. While the full scope of recommendations included within the initial report remain unchanged, the following strategies have been added into the report: ... http://www.fireeye.com/blog/threat-research/2019/09/ransomware-protection-and-containment-strategies.html Published: 2019 09 05 09:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: In Wild Critical Buffer Overflow Vulnerability in Solaris Can Allow Remote Takeover — CVE-2020-14871 - published about 4 years ago. Content: FireEye Mandiant has been investigating compromised Oracle Solaris machines in customer environments. During our investigations, we discovered an exploit tool on a customer’s system and analyzed it to see how it was attacking their Solaris environment. The FLARE team’s Offensive Task Force analyzed the exploit to determine how it worked, reproduced... http://www.fireeye.com/blog/threat-research/2020/11/critical-buffer-overflow-vulnerability-in-solaris-can-allow-remote-takeover.html Published: 2020 11 04 19:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Live off the Land? How About Bringing Your Own Island? An Overview of UNC1945 - published about 4 years ago. Content: Through Mandiant investigation of intrusions, the FLARE Advanced Practices team observed a group we track as UNC1945 compromise managed service providers and operate against a tailored set of targets within the financial and professional consulting industries by leveraging access to third-party networks (see this blog post for an in-depth descripti... http://www.fireeye.com/blog/threat-research/2020/11/live-off-the-land-an-overview-of-unc1945.html Published: 2020 11 02 19:15:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Unhappy Hour Special: KEGTAP and SINGLEMALT With a Ransomware Chaser - published about 4 years ago. Content: Throughout 2020, ransomware activity has become increasingly prolific, relying on an ecosystem of distinct but co-enabling operations to gain access to targets of interest before conducting extortion. Mandiant Threat Intelligence has tracked several loader and backdoor campaigns that lead to the post-compromise deployment of ransomware, sometimes w... http://www.fireeye.com/blog/threat-research/2020/10/kegtap-and-singlemalt-with-a-ransomware-chaser.html Published: 2020 10 28 22:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: WOW64!Hooks: WOW64 Subsystem Internals and Hooking Techniques - published about 4 years ago. Content: Microsoft is known for their backwards compatibility. When they rolled out the 64-bit variant of Windows years ago they needed to provide compatibility with existing 32-bit applications. In order to provide seamless execution regardless of application bitness, the WoW (Windows on Windows) system was coined. This layer, which will be referred to as ... http://www.fireeye.com/blog/threat-research/2020/11/wow64-subsystem-internals-and-hooking-techniques.html Published: 2020 11 09 19:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: CertUtil Qualms: They Came to Drop FOMBs - published about 5 years ago. Content: This blog post covers an interesting intrusion attempt that Mandiant Managed Defense thwarted involving the rapid weaponization of a recently disclosed vulnerability combined with the creative use of WMI compiled “.bmf” files and CertUtil for obfuscated execution. This intrusion attempt highlights a number of valuable lessons in security, chiefly:... http://www.fireeye.com/blog/threat-research/2019/10/certutil-qualms-they-came-to-drop-fombs.html Published: 2019 10 29 18:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Hard Pass: Declining APT34’s Invite to Join Their Professional Network - published over 5 years ago. Content: Background With increasing geopolitical tensions in the Middle East, we expect Iran to significantly increase the volume and scope of its cyber espionage campaigns. Iran has a critical need for strategic intelligence and is likely to fill this gap by conducting espionage against decision makers and key organizations that may have information that ... http://www.fireeye.com/blog/threat-research/2019/07/hard-pass-declining-apt34-invite-to-join-their-professional-network.html Published: 2019 07 18 15:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: COOKIEJAR: Tracking Adversaries With FireEye Endpoint Security’s Logon Tracker Module - published over 4 years ago. Content: During a recent investigation at a telecommunications company led by Mandiant Managed Defense, our team was tasked with rapidly identifying systems that had been accessed by a threat actor using legitimate, but compromised domain credentials. This sometimes-challenging task was made simple because the customer had enabled the Logon Tracker modu... http://www.fireeye.com/blog/threat-research/2020/08/cookiejar-tracking-adversaries-with-fireeye-endpoint-security-module.html Published: 2020 08 11 17:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Head Fake: Tackling Disruptive Ransomware Attacks - published about 5 years ago. Content: Within the past several months, FireEye has observed financially-motivated threat actors employ tactics that focus on disrupting business processes by deploying ransomware in mass throughout a victim’s environment. Understanding that normal business processes are critical to organizational success, these ransomware campaigns have been accompanied w... http://www.fireeye.com/blog/threat-research/2019/10/head-fake-tackling-disruptive-ransomware-attacks.html Published: 2019 10 01 10:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Purgalicious VBA: Macro Obfuscation With VBA Purging Content: http://www.fireeye.com/blog/threat-research/2020/11/purgalicious-vba-macro-obfuscation-with-vba-purging.html Published: : Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Election Cyber Threats in the Asia-Pacific Region - published about 4 years ago. Content: In democratic societies, elections are the mechanism for choosing heads of state and policymakers. There are strong incentives for adversary nations to understand the intentions and preferences of the people and parties that will shape a country's future path and to reduce uncertainty about likely winners. Mandiant Threat Intelligence regularly obs... http://www.fireeye.com/blog/threat-research/2020/11/election-cyber-threats-in-the-asia-pacific-region.html Published: 2020 11 22 23:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Using Speakeasy Emulation Framework Programmatically to Unpack Malware - published almost 4 years ago. Content: Andrew Davis recently announced the public release of his new Windows emulation framework named Speakeasy. While the introductory blog post focused on using Speakeasy as an automated malware sandbox of sorts, this entry will highlight another powerful use of the framework: automated malware unpacking. I will demonstrate, with code exampl... http://www.fireeye.com/blog/threat-research/2020/12/using-speakeasy-emulation-framework-programmatically-to-unpack-malware.html Published: 2020 12 01 20:30:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Unauthorized Access of FireEye Red Team Tools - published almost 4 years ago. Content: Overview A highly sophisticated state-sponsored adversary stole FireEye Red Team tools. Because we believe that an adversary possesses these tools, and we do not know whether the attacker intends to use the stolen tools themselves or publicly disclose them, FireEye is releasing hundreds of countermeasures with this blog post to enable the broader ... http://www.fireeye.com/blog/threat-research/2020/12/unauthorized-access-of-fireeye-red-team-tools.html Published: 2020 12 08 21:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor - published almost 4 years ago. Content: Executive Summary We have discovered a global intrusion campaign. We are tracking the actors behind this campaign as UNC2452. FireEye discovered a supply chain attack trojanizing SolarWinds Orion business software updates in order to distribute malware we call SUNBURST. The attacker’s post compromise activity leverages multiple techniq... http://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html Published: 2020 12 13 22:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: SUNBURST Additional Technical Details - published almost 4 years ago. Content: FireEye has discovered additional details about the SUNBURST backdoor since our initial publication on Dec. 13, 2020. Before diving into the technical depth of this malware, we recommend readers familiarize themselves with our blog post about the SolarWinds supply chain compromise, which revealed a global intrusion campaign by a sophisticated thr... http://www.fireeye.com/blog/threat-research/2020/12/sunburst-additional-technical-details.html Published: 2020 12 24 20:15:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Excelerating Analysis – Tips and Tricks to Analyze Data with Microsoft Excel - published almost 5 years ago. Content: Incident response investigations don’t always involve standard host-based artifacts with fully developed parsing and analysis tools. At FireEye Mandiant, we frequently encounter incidents that involve a number of systems and solutions that utilize custom logging or artifact data. Determining what happened in an incident involves taking a dive into ... http://www.fireeye.com/blog/threat-research/2019/12/tips-and-tricks-to-analyze-data-with-microsoft-excel.html Published: 2019 12 03 16:00:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Emulation of Kernel Mode Rootkits With Speakeasy - published almost 4 years ago. Content: In August 2020, we released a blog post about how the Speakeasy emulation framework can be used to emulate user mode malware such as shellcode. If you haven’t had a chance, give the post a read today. In addition to user mode emulation, Speakeasy also supports emulation of kernel mode Windows binaries. When malware authors employ kernel mode mal... http://www.fireeye.com/blog/threat-research/2021/01/emulation-of-kernel-mode-rootkits-with-speakeasy.html Published: 2021 01 20 16:45:00 Received: 2021 06 06 09:05:11 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |