All Articles
Ordered by Date Received
: Year: "2021"
Month: "11"
Day: "03"
Page:
<<
<
2 (of 9)
>
>>
Total Articles in this collection: 466
Navigation Help at the bottom of the page
Article: Second Adobe Flash Zero-Day CVE-2015-5122 from HackingTeam Exploited in Strategic Web Compromise Targeting Japanese Victims - published over 9 years ago.
Content: On July 14, FireEye researchers discovered attacks exploiting the Adobe Flash vulnerability CVE-2015-5122, just four days after Adobe released a patch. CVE-2015-5122 was the second Adobe Flash zero-day revealed in the leak of HackingTeam’s internal data. The campaign targeted Japanese organizations by using at least two legitimate Japanese websites...
http://www.fireeye.com/blog/threat-research/2015/07/second_adobe_flashz.html
Published: 2015 07 19 20:00:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: On July 14, FireEye researchers discovered attacks exploiting the Adobe Flash vulnerability CVE-2015-5122, just four days after Adobe released a patch. CVE-2015-5122 was the second Adobe Flash zero-day revealed in the leak of HackingTeam’s internal data. The campaign targeted Japanese organizations by using at least two legitimate Japanese websites...
http://www.fireeye.com/blog/threat-research/2015/07/second_adobe_flashz.html
Published: 2015 07 19 20:00:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Second Adobe Flash Zero-Day CVE-2015-5122 from HackingTeam Exploited in Strategic Web Compromise Targeting Japanese Victims - published over 9 years ago. Content: On July 14, FireEye researchers discovered attacks exploiting the Adobe Flash vulnerability CVE-2015-5122, just four days after Adobe released a patch. CVE-2015-5122 was the second Adobe Flash zero-day revealed in the leak of HackingTeam’s internal data. The campaign targeted Japanese organizations by using at least two legitimate Japanese websites... http://www.fireeye.com/blog/threat-research/2015/07/second_adobe_flashz.html Published: 2015 07 19 20:00:00 Received: 2021 11 03 23:00:23 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: iBackDoor: High-risk Code Sneaks into the App Store - published about 9 years ago.
Content: The library embeds backdoors in unsuspecting apps that make use of it to display ads, exposing sensitive data and functionality. The backdoors can be controlled remotely by loading JavaScript code from remote servers to perform the following actions: Capture audio and screenshots. Monitor and upload device location. Read/delete/create/modify file...
http://www.fireeye.com/blog/threat-research/2015/10/ibackdoor_high-risk.html
Published: 2015 10 26 13:51:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: The library embeds backdoors in unsuspecting apps that make use of it to display ads, exposing sensitive data and functionality. The backdoors can be controlled remotely by loading JavaScript code from remote servers to perform the following actions: Capture audio and screenshots. Monitor and upload device location. Read/delete/create/modify file...
http://www.fireeye.com/blog/threat-research/2015/10/ibackdoor_high-risk.html
Published: 2015 10 26 13:51:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: iBackDoor: High-risk Code Sneaks into the App Store - published about 9 years ago. Content: The library embeds backdoors in unsuspecting apps that make use of it to display ads, exposing sensitive data and functionality. The backdoors can be controlled remotely by loading JavaScript code from remote servers to perform the following actions: Capture audio and screenshots. Monitor and upload device location. Read/delete/create/modify file... http://www.fireeye.com/blog/threat-research/2015/10/ibackdoor_high-risk.html Published: 2015 10 26 13:51:00 Received: 2021 11 03 23:00:23 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: A Growing Number of Android Malware Families Believed to Have a Common Origin: A Study Based on Binary Code - published over 8 years ago.
Content: Introduction On Feb. 19, IBM XForce researchers released an intelligence report [1] stating that the source code for GM Bot was leaked to a crimeware forum in December 2015. GM Bot is a sophisticated Android malware family that emerged in the Russian-speaking cybercrime underground in late 2014. IBM also claimed that several Android malware f...
http://www.fireeye.com/blog/threat-research/2016/03/android-malware-families.html
Published: 2016 03 11 15:04:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: Introduction On Feb. 19, IBM XForce researchers released an intelligence report [1] stating that the source code for GM Bot was leaked to a crimeware forum in December 2015. GM Bot is a sophisticated Android malware family that emerged in the Russian-speaking cybercrime underground in late 2014. IBM also claimed that several Android malware f...
http://www.fireeye.com/blog/threat-research/2016/03/android-malware-families.html
Published: 2016 03 11 15:04:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: A Growing Number of Android Malware Families Believed to Have a Common Origin: A Study Based on Binary Code - published over 8 years ago. Content: Introduction On Feb. 19, IBM XForce researchers released an intelligence report [1] stating that the source code for GM Bot was leaked to a crimeware forum in December 2015. GM Bot is a sophisticated Android malware family that emerged in the Russian-speaking cybercrime underground in late 2014. IBM also claimed that several Android malware f... http://www.fireeye.com/blog/threat-research/2016/03/android-malware-families.html Published: 2016 03 11 15:04:00 Received: 2021 11 03 23:00:23 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: #TweetBlog: APT29, Phishing and the Challenges of Attribution - published about 6 years ago.
Content: FireEye researchers, analysts and incident responders frequently share information and engage with the security community on Twitter and other social media platforms. Sometimes this information adds so much to ongoing discussions that we feel it is important to share on our blogs. Recently, we detected intrusion attempts against multiple industr...
http://www.fireeye.com/blog/threat-research/2018/11/tweetblog-apt29-phishing-and-the-challenges-of-attribution.html
Published: 2018 11 20 04:55:36
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: FireEye researchers, analysts and incident responders frequently share information and engage with the security community on Twitter and other social media platforms. Sometimes this information adds so much to ongoing discussions that we feel it is important to share on our blogs. Recently, we detected intrusion attempts against multiple industr...
http://www.fireeye.com/blog/threat-research/2018/11/tweetblog-apt29-phishing-and-the-challenges-of-attribution.html
Published: 2018 11 20 04:55:36
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: #TweetBlog: APT29, Phishing and the Challenges of Attribution - published about 6 years ago. Content: FireEye researchers, analysts and incident responders frequently share information and engage with the security community on Twitter and other social media platforms. Sometimes this information adds so much to ongoing discussions that we feel it is important to share on our blogs. Recently, we detected intrusion attempts against multiple industr... http://www.fireeye.com/blog/threat-research/2018/11/tweetblog-apt29-phishing-and-the-challenges-of-attribution.html Published: 2018 11 20 04:55:36 Received: 2021 11 03 23:00:23 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: GAME OVER: Detecting and Stopping an APT41 Operation - published over 5 years ago.
Content: In August 2019, FireEye released the “Double Dragon” report on our newest graduated threat group, APT41. A China-nexus dual espionage and financially-focused group, APT41 targets industries such as gaming, healthcare, high-tech, higher education, telecommunications, and travel services. APT41 is known to adapt quickly to changes and detections wi...
http://www.fireeye.com/blog/threat-research/2019/08/game-over-detecting-and-stopping-an-apt41-operation.html
Published: 2019 08 19 17:30:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: In August 2019, FireEye released the “Double Dragon” report on our newest graduated threat group, APT41. A China-nexus dual espionage and financially-focused group, APT41 targets industries such as gaming, healthcare, high-tech, higher education, telecommunications, and travel services. APT41 is known to adapt quickly to changes and detections wi...
http://www.fireeye.com/blog/threat-research/2019/08/game-over-detecting-and-stopping-an-apt41-operation.html
Published: 2019 08 19 17:30:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: GAME OVER: Detecting and Stopping an APT41 Operation - published over 5 years ago. Content: In August 2019, FireEye released the “Double Dragon” report on our newest graduated threat group, APT41. A China-nexus dual espionage and financially-focused group, APT41 targets industries such as gaming, healthcare, high-tech, higher education, telecommunications, and travel services. APT41 is known to adapt quickly to changes and detections wi... http://www.fireeye.com/blog/threat-research/2019/08/game-over-detecting-and-stopping-an-apt41-operation.html Published: 2019 08 19 17:30:00 Received: 2021 11 03 23:00:23 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Finding Evil in Windows 10 Compressed Memory, Part Two: Virtual Store Deep Dive - published over 5 years ago.
Content: Introduction This blog post is the second in a three-part series covering our Windows 10 memory forensics research and it coincides with our BlackHat USA 2019 presentation. In Part One of the series, we covered the integration of the research in both Volatily and Rekall memory forensics tools. We demonstrated that forensic artifacts (including...
http://www.fireeye.com/blog/threat-research/2019/08/finding-evil-in-windows-ten-compressed-memory-part-two.html
Published: 2019 08 08 20:30:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: Introduction This blog post is the second in a three-part series covering our Windows 10 memory forensics research and it coincides with our BlackHat USA 2019 presentation. In Part One of the series, we covered the integration of the research in both Volatily and Rekall memory forensics tools. We demonstrated that forensic artifacts (including...
http://www.fireeye.com/blog/threat-research/2019/08/finding-evil-in-windows-ten-compressed-memory-part-two.html
Published: 2019 08 08 20:30:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Finding Evil in Windows 10 Compressed Memory, Part Two: Virtual Store Deep Dive - published over 5 years ago. Content: Introduction This blog post is the second in a three-part series covering our Windows 10 memory forensics research and it coincides with our BlackHat USA 2019 presentation. In Part One of the series, we covered the integration of the research in both Volatily and Rekall memory forensics tools. We demonstrated that forensic artifacts (including... http://www.fireeye.com/blog/threat-research/2019/08/finding-evil-in-windows-ten-compressed-memory-part-two.html Published: 2019 08 08 20:30:00 Received: 2021 11 03 23:00:23 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Healthcare: Research Data and PII Continuously Targeted by Multiple Threat Actors - published about 5 years ago.
Content: The healthcare industry faces a range of threat groups and malicious activity. Given the critical role that healthcare plays within society and its relationship with our most sensitive information, the risk to this sector is especially consequential. It may also be one of the major reasons why we find healthcare to be one of the most retargeted indus...
http://www.fireeye.com/blog/threat-research/2019/08/healthcare-research-data-pii-continuously-targeted-by-multiple-threat-actors.html
Published: 2019 08 23 18:30:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: The healthcare industry faces a range of threat groups and malicious activity. Given the critical role that healthcare plays within society and its relationship with our most sensitive information, the risk to this sector is especially consequential. It may also be one of the major reasons why we find healthcare to be one of the most retargeted indus...
http://www.fireeye.com/blog/threat-research/2019/08/healthcare-research-data-pii-continuously-targeted-by-multiple-threat-actors.html
Published: 2019 08 23 18:30:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Healthcare: Research Data and PII Continuously Targeted by Multiple Threat Actors - published about 5 years ago. Content: The healthcare industry faces a range of threat groups and malicious activity. Given the critical role that healthcare plays within society and its relationship with our most sensitive information, the risk to this sector is especially consequential. It may also be one of the major reasons why we find healthcare to be one of the most retargeted indus... http://www.fireeye.com/blog/threat-research/2019/08/healthcare-research-data-pii-continuously-targeted-by-multiple-threat-actors.html Published: 2019 08 23 18:30:00 Received: 2021 11 03 23:00:23 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Definitive Dossier of Devilish Debug Details – Part One: PDB Paths and Malware - published about 5 years ago.
Content: Have you ever wondered what goes through the mind of a malware author? How they build their tools? How they organize their development projects? What kind of computers and software they use? We took a stab and answering some of those questions by exploring malware debug information. We find that malware developers give descriptive names to their f...
http://www.fireeye.com/blog/threat-research/2019/08/definitive-dossier-of-devilish-debug-details-part-one-pdb-paths-malware.html
Published: 2019 08 29 22:00:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: Have you ever wondered what goes through the mind of a malware author? How they build their tools? How they organize their development projects? What kind of computers and software they use? We took a stab and answering some of those questions by exploring malware debug information. We find that malware developers give descriptive names to their f...
http://www.fireeye.com/blog/threat-research/2019/08/definitive-dossier-of-devilish-debug-details-part-one-pdb-paths-malware.html
Published: 2019 08 29 22:00:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Definitive Dossier of Devilish Debug Details – Part One: PDB Paths and Malware - published about 5 years ago. Content: Have you ever wondered what goes through the mind of a malware author? How they build their tools? How they organize their development projects? What kind of computers and software they use? We took a stab and answering some of those questions by exploring malware debug information. We find that malware developers give descriptive names to their f... http://www.fireeye.com/blog/threat-research/2019/08/definitive-dossier-of-devilish-debug-details-part-one-pdb-paths-malware.html Published: 2019 08 29 22:00:00 Received: 2021 11 03 23:00:23 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Open Sourcing StringSifter - published about 5 years ago.
Content: Malware analysts routinely use the Strings program during static analysis in order to inspect a binary's printable characters. However, identifying relevant strings by hand is time consuming and prone to human error. Larger binaries produce upwards of thousands of strings that can quickly evoke analyst fatigue, relevant strings occur less often tha...
http://www.fireeye.com/blog/threat-research/2019/09/open-sourcing-stringsifter.html
Published: 2019 09 07 17:00:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: Malware analysts routinely use the Strings program during static analysis in order to inspect a binary's printable characters. However, identifying relevant strings by hand is time consuming and prone to human error. Larger binaries produce upwards of thousands of strings that can quickly evoke analyst fatigue, relevant strings occur less often tha...
http://www.fireeye.com/blog/threat-research/2019/09/open-sourcing-stringsifter.html
Published: 2019 09 07 17:00:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Open Sourcing StringSifter - published about 5 years ago. Content: Malware analysts routinely use the Strings program during static analysis in order to inspect a binary's printable characters. However, identifying relevant strings by hand is time consuming and prone to human error. Larger binaries produce upwards of thousands of strings that can quickly evoke analyst fatigue, relevant strings occur less often tha... http://www.fireeye.com/blog/threat-research/2019/09/open-sourcing-stringsifter.html Published: 2019 09 07 17:00:00 Received: 2021 11 03 23:00:23 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: 2019 Flare-On Challenge Solutions - published about 5 years ago.
Content: We are pleased to announce the conclusion of the sixth annual Flare-On Challenge. The popularity of this event continues to grow and this year we saw a record number of players as well as finishers. We will break down the numbers later in the post, but right now let’s look at the fun stuff: the prize! Each of the 308 dedicated and amazing players t...
http://www.fireeye.com/blog/threat-research/2019/09/2019-flare-on-challenge-solutions.html
Published: 2019 09 28 00:00:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: We are pleased to announce the conclusion of the sixth annual Flare-On Challenge. The popularity of this event continues to grow and this year we saw a record number of players as well as finishers. We will break down the numbers later in the post, but right now let’s look at the fun stuff: the prize! Each of the 308 dedicated and amazing players t...
http://www.fireeye.com/blog/threat-research/2019/09/2019-flare-on-challenge-solutions.html
Published: 2019 09 28 00:00:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: 2019 Flare-On Challenge Solutions - published about 5 years ago. Content: We are pleased to announce the conclusion of the sixth annual Flare-On Challenge. The popularity of this event continues to grow and this year we saw a record number of players as well as finishers. We will break down the numbers later in the post, but right now let’s look at the fun stuff: the prize! Each of the 308 dedicated and amazing players t... http://www.fireeye.com/blog/threat-research/2019/09/2019-flare-on-challenge-solutions.html Published: 2019 09 28 00:00:00 Received: 2021 11 03 23:00:23 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Showing Vulnerability to a Machine: Automated Prioritization of Software Vulnerabilities - published over 5 years ago.
Content: Introduction If a software vulnerability can be detected and remedied, then a potential intrusion is prevented. While not all software vulnerabilities are known, 86 percent of vulnerabilities leading to a data breach were patchable, though there is some risk of inadvertent damage when applying software patches. When new vulnerabilities are ide...
http://www.fireeye.com/blog/threat-research/2019/08/automated-prioritization-of-software-vulnerabilities.html
Published: 2019 08 13 16:45:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: Introduction If a software vulnerability can be detected and remedied, then a potential intrusion is prevented. While not all software vulnerabilities are known, 86 percent of vulnerabilities leading to a data breach were patchable, though there is some risk of inadvertent damage when applying software patches. When new vulnerabilities are ide...
http://www.fireeye.com/blog/threat-research/2019/08/automated-prioritization-of-software-vulnerabilities.html
Published: 2019 08 13 16:45:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Showing Vulnerability to a Machine: Automated Prioritization of Software Vulnerabilities - published over 5 years ago. Content: Introduction If a software vulnerability can be detected and remedied, then a potential intrusion is prevented. While not all software vulnerabilities are known, 86 percent of vulnerabilities leading to a data breach were patchable, though there is some risk of inadvertent damage when applying software patches. When new vulnerabilities are ide... http://www.fireeye.com/blog/threat-research/2019/08/automated-prioritization-of-software-vulnerabilities.html Published: 2019 08 13 16:45:00 Received: 2021 11 03 23:00:23 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Finding Evil in Windows 10 Compressed Memory, Part Three: Automating Undocumented Structure Extraction - published over 5 years ago.
Content: This is the final post in the three-part series: Finding Evil in Windows 10 Compressed Memory. In the first post (Volatility and Rekall Tools), the FLARE team introduced updates to both memory forensic toolkits. These updates enabled these open source tools to analyze previously inaccessible compressed data in memory. This research was shared...
http://www.fireeye.com/blog/threat-research/2019/08/finding-evil-in-windows-ten-compressed-memory-part-three.html
Published: 2019 08 08 20:45:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: This is the final post in the three-part series: Finding Evil in Windows 10 Compressed Memory. In the first post (Volatility and Rekall Tools), the FLARE team introduced updates to both memory forensic toolkits. These updates enabled these open source tools to analyze previously inaccessible compressed data in memory. This research was shared...
http://www.fireeye.com/blog/threat-research/2019/08/finding-evil-in-windows-ten-compressed-memory-part-three.html
Published: 2019 08 08 20:45:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Finding Evil in Windows 10 Compressed Memory, Part Three: Automating Undocumented Structure Extraction - published over 5 years ago. Content: This is the final post in the three-part series: Finding Evil in Windows 10 Compressed Memory. In the first post (Volatility and Rekall Tools), the FLARE team introduced updates to both memory forensic toolkits. These updates enabled these open source tools to analyze previously inaccessible compressed data in memory. This research was shared... http://www.fireeye.com/blog/threat-research/2019/08/finding-evil-in-windows-ten-compressed-memory-part-three.html Published: 2019 08 08 20:45:00 Received: 2021 11 03 23:00:23 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: The FireEye OT-CSIO: An Ontology to Understand, Cross-Compare, and Assess Operational Technology Cyber Security Incidents - published about 5 years ago.
Content: The FireEye Operational Technology Cyber Security Incident Ontology (OT-CSIO) While the number of threats to operational technology (OT) have significantly increased since the discovery of Stuxnet – driven by factors such as the growing convergence with information technology (IT) networks and the increasing availability of OT information, technol...
http://www.fireeye.com/blog/threat-research/2019/09/ontology-understand-assess-operational-technology-cyber-incidents.html
Published: 2019 09 30 17:00:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: The FireEye Operational Technology Cyber Security Incident Ontology (OT-CSIO) While the number of threats to operational technology (OT) have significantly increased since the discovery of Stuxnet – driven by factors such as the growing convergence with information technology (IT) networks and the increasing availability of OT information, technol...
http://www.fireeye.com/blog/threat-research/2019/09/ontology-understand-assess-operational-technology-cyber-incidents.html
Published: 2019 09 30 17:00:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: The FireEye OT-CSIO: An Ontology to Understand, Cross-Compare, and Assess Operational Technology Cyber Security Incidents - published about 5 years ago. Content: The FireEye Operational Technology Cyber Security Incident Ontology (OT-CSIO) While the number of threats to operational technology (OT) have significantly increased since the discovery of Stuxnet – driven by factors such as the growing convergence with information technology (IT) networks and the increasing availability of OT information, technol... http://www.fireeye.com/blog/threat-research/2019/09/ontology-understand-assess-operational-technology-cyber-incidents.html Published: 2019 09 30 17:00:00 Received: 2021 11 03 23:00:23 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: IDA, I Think It’s Time You And I Had a Talk: Controlling IDA Pro With Voice Control Software - published about 5 years ago.
Content: Introduction This blog post is the next episode in the FireEye Labs Advanced Reverse Engineering (FLARE) team Script Series. Today, we are sharing something quite unusual. It is not a tool or a virtual machine distribution, nor is it a plugin or script for a popular reverse engineering tool or framework. Rather, it is a profile created for a consu...
http://www.fireeye.com/blog/threat-research/2019/10/controlling-ida-pro-with-voice-control-software.html
Published: 2019 10 03 17:00:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: Introduction This blog post is the next episode in the FireEye Labs Advanced Reverse Engineering (FLARE) team Script Series. Today, we are sharing something quite unusual. It is not a tool or a virtual machine distribution, nor is it a plugin or script for a popular reverse engineering tool or framework. Rather, it is a profile created for a consu...
http://www.fireeye.com/blog/threat-research/2019/10/controlling-ida-pro-with-voice-control-software.html
Published: 2019 10 03 17:00:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: IDA, I Think It’s Time You And I Had a Talk: Controlling IDA Pro With Voice Control Software - published about 5 years ago. Content: Introduction This blog post is the next episode in the FireEye Labs Advanced Reverse Engineering (FLARE) team Script Series. Today, we are sharing something quite unusual. It is not a tool or a virtual machine distribution, nor is it a plugin or script for a popular reverse engineering tool or framework. Rather, it is a profile created for a consu... http://www.fireeye.com/blog/threat-research/2019/10/controlling-ida-pro-with-voice-control-software.html Published: 2019 10 03 17:00:00 Received: 2021 11 03 23:00:23 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Living off the Orchard: Leveraging Apple Remote Desktop for Good and Evil - published about 5 years ago.
Content: Attackers often make their lives easier by relying on pre-existing operating system and third party applications in an enterprise environment. Leveraging these applications assists them with blending in with normal network activity and removes the need to develop or bring their own malware. This tactic is often referred to as Living Off The Land....
http://www.fireeye.com/blog/threat-research/2019/10/leveraging-apple-remote-desktop-for-good-and-evil.html
Published: 2019 10 09 21:30:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: Attackers often make their lives easier by relying on pre-existing operating system and third party applications in an enterprise environment. Leveraging these applications assists them with blending in with normal network activity and removes the need to develop or bring their own malware. This tactic is often referred to as Living Off The Land....
http://www.fireeye.com/blog/threat-research/2019/10/leveraging-apple-remote-desktop-for-good-and-evil.html
Published: 2019 10 09 21:30:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Living off the Orchard: Leveraging Apple Remote Desktop for Good and Evil - published about 5 years ago. Content: Attackers often make their lives easier by relying on pre-existing operating system and third party applications in an enterprise environment. Leveraging these applications assists them with blending in with normal network activity and removes the need to develop or bring their own malware. This tactic is often referred to as Living Off The Land.... http://www.fireeye.com/blog/threat-research/2019/10/leveraging-apple-remote-desktop-for-good-and-evil.html Published: 2019 10 09 21:30:00 Received: 2021 11 03 23:00:23 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Staying Hidden on the Endpoint: Evading Detection with Shellcode - published about 5 years ago.
Content: True red team assessments require a secondary objective of avoiding detection. Part of the glory of a successful red team assessment is not getting detected by anything or anyone on the system. As modern Endpoint Detection and Response (EDR) products have matured over the years, the red teams must follow suit. This blog post will provide some insig...
http://www.fireeye.com/blog/threat-research/2019/10/staying-hidden-on-the-endpoint-evading-detection-with-shellcode.html
Published: 2019 10 10 18:00:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: True red team assessments require a secondary objective of avoiding detection. Part of the glory of a successful red team assessment is not getting detected by anything or anyone on the system. As modern Endpoint Detection and Response (EDR) products have matured over the years, the red teams must follow suit. This blog post will provide some insig...
http://www.fireeye.com/blog/threat-research/2019/10/staying-hidden-on-the-endpoint-evading-detection-with-shellcode.html
Published: 2019 10 10 18:00:00
Received: 2021 11 03 23:00:23
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Staying Hidden on the Endpoint: Evading Detection with Shellcode - published about 5 years ago. Content: True red team assessments require a secondary objective of avoiding detection. Part of the glory of a successful red team assessment is not getting detected by anything or anyone on the system. As modern Endpoint Detection and Response (EDR) products have matured over the years, the red teams must follow suit. This blog post will provide some insig... http://www.fireeye.com/blog/threat-research/2019/10/staying-hidden-on-the-endpoint-evading-detection-with-shellcode.html Published: 2019 10 10 18:00:00 Received: 2021 11 03 23:00:23 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Mahalo FIN7: Responding to the Criminal Operators’ New Tools and Techniques - published about 5 years ago.
Content: During several recent incident response engagements, FireEye Mandiant investigators uncovered new tools in FIN7’s malware arsenal and kept pace as the global criminal operators attempted new evasion techniques. In this blog, we reveal two of FIN7’s new tools that we have called BOOSTWRITE and RDFSNIFFER. The first of FIN7's new tools is BOOSTWRI...
http://www.fireeye.com/blog/threat-research/2019/10/mahalo-fin7-responding-to-new-tools-and-techniques.html
Published: 2019 10 10 12:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: During several recent incident response engagements, FireEye Mandiant investigators uncovered new tools in FIN7’s malware arsenal and kept pace as the global criminal operators attempted new evasion techniques. In this blog, we reveal two of FIN7’s new tools that we have called BOOSTWRITE and RDFSNIFFER. The first of FIN7's new tools is BOOSTWRI...
http://www.fireeye.com/blog/threat-research/2019/10/mahalo-fin7-responding-to-new-tools-and-techniques.html
Published: 2019 10 10 12:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Mahalo FIN7: Responding to the Criminal Operators’ New Tools and Techniques - published about 5 years ago. Content: During several recent incident response engagements, FireEye Mandiant investigators uncovered new tools in FIN7’s malware arsenal and kept pace as the global criminal operators attempted new evasion techniques. In this blog, we reveal two of FIN7’s new tools that we have called BOOSTWRITE and RDFSNIFFER. The first of FIN7's new tools is BOOSTWRI... http://www.fireeye.com/blog/threat-research/2019/10/mahalo-fin7-responding-to-new-tools-and-techniques.html Published: 2019 10 10 12:00:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: LOWKEY: Hunting for the Missing Volume Serial ID - published about 5 years ago.
Content: In August 2019, FireEye released the “Double Dragon” report on our newest graduated threat group: APT41. A China-nexus dual espionage and financially-focused group, APT41 targets industries such as gaming, healthcare, high-tech, higher education, telecommunications, and travel services. This blog post is about the sophisticated passive backdoor we t...
http://www.fireeye.com/blog/threat-research/2019/10/lowkey-hunting-for-the-missing-volume-serial-id.html
Published: 2019 10 15 14:15:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: In August 2019, FireEye released the “Double Dragon” report on our newest graduated threat group: APT41. A China-nexus dual espionage and financially-focused group, APT41 targets industries such as gaming, healthcare, high-tech, higher education, telecommunications, and travel services. This blog post is about the sophisticated passive backdoor we t...
http://www.fireeye.com/blog/threat-research/2019/10/lowkey-hunting-for-the-missing-volume-serial-id.html
Published: 2019 10 15 14:15:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: LOWKEY: Hunting for the Missing Volume Serial ID - published about 5 years ago. Content: In August 2019, FireEye released the “Double Dragon” report on our newest graduated threat group: APT41. A China-nexus dual espionage and financially-focused group, APT41 targets industries such as gaming, healthcare, high-tech, higher education, telecommunications, and travel services. This blog post is about the sophisticated passive backdoor we t... http://www.fireeye.com/blog/threat-research/2019/10/lowkey-hunting-for-the-missing-volume-serial-id.html Published: 2019 10 15 14:15:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Definitive Dossier of Devilish Debug Details – Part Deux: A Didactic Deep Dive into Data Driven Deductions - published about 5 years ago.
Content: In Part One of this blog series, Steve Miller outlined what PDB paths are, how they appear in malware, how we use them to detect malicious files, and how we sometimes use them to make associations about groups and actors. As Steve continued his research into PDB paths, we became interested in applying more general statistical analysis. The PDB p...
http://www.fireeye.com/blog/threat-research/2019/10/definitive-dossier-of-devilish-debug-details-part-deux.html
Published: 2019 10 17 15:30:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: In Part One of this blog series, Steve Miller outlined what PDB paths are, how they appear in malware, how we use them to detect malicious files, and how we sometimes use them to make associations about groups and actors. As Steve continued his research into PDB paths, we became interested in applying more general statistical analysis. The PDB p...
http://www.fireeye.com/blog/threat-research/2019/10/definitive-dossier-of-devilish-debug-details-part-deux.html
Published: 2019 10 17 15:30:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Definitive Dossier of Devilish Debug Details – Part Deux: A Didactic Deep Dive into Data Driven Deductions - published about 5 years ago. Content: In Part One of this blog series, Steve Miller outlined what PDB paths are, how they appear in malware, how we use them to detect malicious files, and how we sometimes use them to make associations about groups and actors. As Steve continued his research into PDB paths, we became interested in applying more general statistical analysis. The PDB p... http://www.fireeye.com/blog/threat-research/2019/10/definitive-dossier-of-devilish-debug-details-part-deux.html Published: 2019 10 17 15:30:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: SharPersist: Windows Persistence Toolkit in C# - published about 5 years ago.
Content: Background PowerShell has been used by the offensive community for several years now but recent advances in the defensive security industry are causing offensive toolkits to migrate from PowerShell to reflective C# to evade modern security products. Some of these advancements include Script Block Logging, Antimalware Scripting Interface (AMSI), and ...
http://www.fireeye.com/blog/threat-research/2019/09/sharpersist-windows-persistence-toolkit.html
Published: 2019 09 03 16:30:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: Background PowerShell has been used by the offensive community for several years now but recent advances in the defensive security industry are causing offensive toolkits to migrate from PowerShell to reflective C# to evade modern security products. Some of these advancements include Script Block Logging, Antimalware Scripting Interface (AMSI), and ...
http://www.fireeye.com/blog/threat-research/2019/09/sharpersist-windows-persistence-toolkit.html
Published: 2019 09 03 16:30:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: SharPersist: Windows Persistence Toolkit in C# - published about 5 years ago. Content: Background PowerShell has been used by the offensive community for several years now but recent advances in the defensive security industry are causing offensive toolkits to migrate from PowerShell to reflective C# to evade modern security products. Some of these advancements include Script Block Logging, Antimalware Scripting Interface (AMSI), and ... http://www.fireeye.com/blog/threat-research/2019/09/sharpersist-windows-persistence-toolkit.html Published: 2019 09 03 16:30:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Commando VM 2.0: Customization, Containers, and Kali, Oh My! - published over 5 years ago.
Content: The Complete Mandiant Offensive Virtual Machine (“Commando VM”) swept the penetration testing community by storm when it debuted in early 2019 at Black Hat Asia Arsenal. Our 1.0 release made headway featuring more than 140 tools. Well now we are back again for another spectacular release, this time at Black Hat USA Arsenal 2019! In this 2.0 release...
http://www.fireeye.com/blog/threat-research/2019/08/commando-vm-customization-containers-kali.html
Published: 2019 08 07 19:15:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: The Complete Mandiant Offensive Virtual Machine (“Commando VM”) swept the penetration testing community by storm when it debuted in early 2019 at Black Hat Asia Arsenal. Our 1.0 release made headway featuring more than 140 tools. Well now we are back again for another spectacular release, this time at Black Hat USA Arsenal 2019! In this 2.0 release...
http://www.fireeye.com/blog/threat-research/2019/08/commando-vm-customization-containers-kali.html
Published: 2019 08 07 19:15:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Commando VM 2.0: Customization, Containers, and Kali, Oh My! - published over 5 years ago. Content: The Complete Mandiant Offensive Virtual Machine (“Commando VM”) swept the penetration testing community by storm when it debuted in early 2019 at Black Hat Asia Arsenal. Our 1.0 release made headway featuring more than 140 tools. Well now we are back again for another spectacular release, this time at Black Hat USA Arsenal 2019! In this 2.0 release... http://www.fireeye.com/blog/threat-research/2019/08/commando-vm-customization-containers-kali.html Published: 2019 08 07 19:15:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Hunting COM Objects - published over 5 years ago.
Content: COM objects have recently been used by penetration testers, Red Teams, and malicious actors to perform lateral movement. COM objects were studied by several other researchers in the past, including Matt Nelson (enigma0x3), who published a blog post about it in 2017. Some of these COM objects were also added to the Empire project. To improve the R...
http://www.fireeye.com/blog/threat-research/2019/06/hunting-com-objects.html
Published: 2019 06 04 14:45:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: COM objects have recently been used by penetration testers, Red Teams, and malicious actors to perform lateral movement. COM objects were studied by several other researchers in the past, including Matt Nelson (enigma0x3), who published a blog post about it in 2017. Some of these COM objects were also added to the Empire project. To improve the R...
http://www.fireeye.com/blog/threat-research/2019/06/hunting-com-objects.html
Published: 2019 06 04 14:45:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Hunting COM Objects - published over 5 years ago. Content: COM objects have recently been used by penetration testers, Red Teams, and malicious actors to perform lateral movement. COM objects were studied by several other researchers in the past, including Matt Nelson (enigma0x3), who published a blog post about it in 2017. Some of these COM objects were also added to the Empire project. To improve the R... http://www.fireeye.com/blog/threat-research/2019/06/hunting-com-objects.html Published: 2019 06 04 14:45:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Hunting COM Objects (Part Two) - published over 5 years ago.
Content: Background As a follow up to Part One in this blog series on COM object hunting, this post will talk about taking the COM object hunting methodology deeper by looking at interesting COM object methods exposed in properties and sub-properties of COM objects. What is a COM Object? According to Microsoft, “The Microsoft Component Object Model (CO...
http://www.fireeye.com/blog/threat-research/2019/06/hunting-com-objects-part-two.html
Published: 2019 06 11 15:15:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: Background As a follow up to Part One in this blog series on COM object hunting, this post will talk about taking the COM object hunting methodology deeper by looking at interesting COM object methods exposed in properties and sub-properties of COM objects. What is a COM Object? According to Microsoft, “The Microsoft Component Object Model (CO...
http://www.fireeye.com/blog/threat-research/2019/06/hunting-com-objects-part-two.html
Published: 2019 06 11 15:15:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Hunting COM Objects (Part Two) - published over 5 years ago. Content: Background As a follow up to Part One in this blog series on COM object hunting, this post will talk about taking the COM object hunting methodology deeper by looking at interesting COM object methods exposed in properties and sub-properties of COM objects. What is a COM Object? According to Microsoft, “The Microsoft Component Object Model (CO... http://www.fireeye.com/blog/threat-research/2019/06/hunting-com-objects-part-two.html Published: 2019 06 11 15:15:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Finding Weaknesses Before the Attackers Do - published over 5 years ago.
Content: This blog post originally appeared as an article in M-Trends 2019. FireEye Mandiant red team consultants perform objectives-based assessments that emulate real cyber attacks by advanced and nation state attackers across the entire attack lifecycle by blending into environments and observing how employees interact with their workstations and appli...
http://www.fireeye.com/blog/threat-research/2019/04/finding-weaknesses-before-the-attackers-do.html
Published: 2019 04 08 16:30:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: This blog post originally appeared as an article in M-Trends 2019. FireEye Mandiant red team consultants perform objectives-based assessments that emulate real cyber attacks by advanced and nation state attackers across the entire attack lifecycle by blending into environments and observing how employees interact with their workstations and appli...
http://www.fireeye.com/blog/threat-research/2019/04/finding-weaknesses-before-the-attackers-do.html
Published: 2019 04 08 16:30:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Finding Weaknesses Before the Attackers Do - published over 5 years ago. Content: This blog post originally appeared as an article in M-Trends 2019. FireEye Mandiant red team consultants perform objectives-based assessments that emulate real cyber attacks by advanced and nation state attackers across the entire attack lifecycle by blending into environments and observing how employees interact with their workstations and appli... http://www.fireeye.com/blog/threat-research/2019/04/finding-weaknesses-before-the-attackers-do.html Published: 2019 04 08 16:30:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Commando VM: The First of Its Kind Windows Offensive Distribution - published over 5 years ago.
Content: For penetration testers looking for a stable and supported Linux testing platform, the industry agrees that Kali is the go-to platform. However, if you’d prefer to use Windows as an operating system, you may have noticed that a worthy platform didn’t exist. As security researchers, every one of us has probably spent hours customizing a Windo...
http://www.fireeye.com/blog/threat-research/2019/03/commando-vm-windows-offensive-distribution.html
Published: 2019 03 29 01:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: For penetration testers looking for a stable and supported Linux testing platform, the industry agrees that Kali is the go-to platform. However, if you’d prefer to use Windows as an operating system, you may have noticed that a worthy platform didn’t exist. As security researchers, every one of us has probably spent hours customizing a Windo...
http://www.fireeye.com/blog/threat-research/2019/03/commando-vm-windows-offensive-distribution.html
Published: 2019 03 29 01:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Commando VM: The First of Its Kind Windows Offensive Distribution - published over 5 years ago. Content: For penetration testers looking for a stable and supported Linux testing platform, the industry agrees that Kali is the go-to platform. However, if you’d prefer to use Windows as an operating system, you may have noticed that a worthy platform didn’t exist. As security researchers, every one of us has probably spent hours customizing a Windo... http://www.fireeye.com/blog/threat-research/2019/03/commando-vm-windows-offensive-distribution.html Published: 2019 03 29 01:00:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Bring Your Own Land (BYOL) – A Novel Red Teaming Technique - published over 6 years ago.
Content: Introduction One of most significant recent developments in sophisticated offensive operations is the use of “Living off the Land” (LotL) techniques by attackers. These techniques leverage legitimate tools present on the system, such as the PowerShell scripting language, in order to execute attacks. The popularity of PowerShell as an offensive too...
http://www.fireeye.com/blog/threat-research/2018/06/bring-your-own-land-novel-red-teaming-technique.html
Published: 2018 06 18 15:45:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: Introduction One of most significant recent developments in sophisticated offensive operations is the use of “Living off the Land” (LotL) techniques by attackers. These techniques leverage legitimate tools present on the system, such as the PowerShell scripting language, in order to execute attacks. The popularity of PowerShell as an offensive too...
http://www.fireeye.com/blog/threat-research/2018/06/bring-your-own-land-novel-red-teaming-technique.html
Published: 2018 06 18 15:45:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Bring Your Own Land (BYOL) – A Novel Red Teaming Technique - published over 6 years ago. Content: Introduction One of most significant recent developments in sophisticated offensive operations is the use of “Living off the Land” (LotL) techniques by attackers. These techniques leverage legitimate tools present on the system, such as the PowerShell scripting language, in order to execute attacks. The popularity of PowerShell as an offensive too... http://www.fireeye.com/blog/threat-research/2018/06/bring-your-own-land-novel-red-teaming-technique.html Published: 2018 06 18 15:45:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Shikata Ga Nai Encoder Still Going Strong - published about 5 years ago.
Content: One of the most popular exploit frameworks in the world is Metasploit. Its vast library of pocket exploits, pluggable payload environment, and simplicity of execution makes it the de facto base platform. Metasploit is used by pentesters, security enthusiasts, script kiddies, and even malicious actors. It is so prevalent that its user base even incl...
http://www.fireeye.com/blog/threat-research/2019/10/shikata-ga-nai-encoder-still-going-strong.html
Published: 2019 10 21 17:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: One of the most popular exploit frameworks in the world is Metasploit. Its vast library of pocket exploits, pluggable payload environment, and simplicity of execution makes it the de facto base platform. Metasploit is used by pentesters, security enthusiasts, script kiddies, and even malicious actors. It is so prevalent that its user base even incl...
http://www.fireeye.com/blog/threat-research/2019/10/shikata-ga-nai-encoder-still-going-strong.html
Published: 2019 10 21 17:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Shikata Ga Nai Encoder Still Going Strong - published about 5 years ago. Content: One of the most popular exploit frameworks in the world is Metasploit. Its vast library of pocket exploits, pluggable payload environment, and simplicity of execution makes it the de facto base platform. Metasploit is used by pentesters, security enthusiasts, script kiddies, and even malicious actors. It is so prevalent that its user base even incl... http://www.fireeye.com/blog/threat-research/2019/10/shikata-ga-nai-encoder-still-going-strong.html Published: 2019 10 21 17:00:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Bypassing Network Restrictions Through RDP Tunneling - published almost 6 years ago.
Content: Remote Desktop Services is a component of Microsoft Windows that is used by various companies for the convenience it offers systems administrators, engineers and remote employees. On the other hand, Remote Desktop Services, and specifically the Remote Desktop Protocol (RDP), offers this same convenience to remote threat actors during targeted syste...
http://www.fireeye.com/blog/threat-research/2019/01/bypassing-network-restrictions-through-rdp-tunneling.html
Published: 2019 01 24 16:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: Remote Desktop Services is a component of Microsoft Windows that is used by various companies for the convenience it offers systems administrators, engineers and remote employees. On the other hand, Remote Desktop Services, and specifically the Remote Desktop Protocol (RDP), offers this same convenience to remote threat actors during targeted syste...
http://www.fireeye.com/blog/threat-research/2019/01/bypassing-network-restrictions-through-rdp-tunneling.html
Published: 2019 01 24 16:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Bypassing Network Restrictions Through RDP Tunneling - published almost 6 years ago. Content: Remote Desktop Services is a component of Microsoft Windows that is used by various companies for the convenience it offers systems administrators, engineers and remote employees. On the other hand, Remote Desktop Services, and specifically the Remote Desktop Protocol (RDP), offers this same convenience to remote threat actors during targeted syste... http://www.fireeye.com/blog/threat-research/2019/01/bypassing-network-restrictions-through-rdp-tunneling.html Published: 2019 01 24 16:00:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Operation GreedyWonk: Multiple Economic and Foreign Policy Sites Compromised, Serving Up Flash Zero-Day Exploit - published almost 11 years ago.
Content: Less than a week after uncovering Operation SnowMan, the FireEye Dynamic Threat Intelligence cloud has identified another targeted attack campaign — this one exploiting a zero-day vulnerability in Flash. We are collaborating with Adobe security on this issue. Adobe has assigned the CVE identifier CVE-2014-0502 to this vulnerability and released a s...
http://www.fireeye.com/blog/threat-research/2014/02/operation-greedywonk-multiple-economic-and-foreign-policy-sites-compromised-serving-up-flash-zero-day-exploit.html
Published: 2014 02 20 18:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: Less than a week after uncovering Operation SnowMan, the FireEye Dynamic Threat Intelligence cloud has identified another targeted attack campaign — this one exploiting a zero-day vulnerability in Flash. We are collaborating with Adobe security on this issue. Adobe has assigned the CVE identifier CVE-2014-0502 to this vulnerability and released a s...
http://www.fireeye.com/blog/threat-research/2014/02/operation-greedywonk-multiple-economic-and-foreign-policy-sites-compromised-serving-up-flash-zero-day-exploit.html
Published: 2014 02 20 18:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Operation GreedyWonk: Multiple Economic and Foreign Policy Sites Compromised, Serving Up Flash Zero-Day Exploit - published almost 11 years ago. Content: Less than a week after uncovering Operation SnowMan, the FireEye Dynamic Threat Intelligence cloud has identified another targeted attack campaign — this one exploiting a zero-day vulnerability in Flash. We are collaborating with Adobe security on this issue. Adobe has assigned the CVE identifier CVE-2014-0502 to this vulnerability and released a s... http://www.fireeye.com/blog/threat-research/2014/02/operation-greedywonk-multiple-economic-and-foreign-policy-sites-compromised-serving-up-flash-zero-day-exploit.html Published: 2014 02 20 18:00:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: MESSAGETAP: Who’s Reading Your Text Messages? - published about 5 years ago.
Content: FireEye Mandiant recently discovered a new malware family used by APT41 (a Chinese APT group) that is designed to monitor and save SMS traffic from specific phone numbers, IMSI numbers and keywords for subsequent theft. Named MESSAGETAP, the tool was deployed by APT41 in a telecommunications network provider in support of Chinese espionage efforts....
http://www.fireeye.com/blog/threat-research/2019/10/messagetap-who-is-reading-your-text-messages.html
Published: 2019 10 31 13:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: FireEye Mandiant recently discovered a new malware family used by APT41 (a Chinese APT group) that is designed to monitor and save SMS traffic from specific phone numbers, IMSI numbers and keywords for subsequent theft. Named MESSAGETAP, the tool was deployed by APT41 in a telecommunications network provider in support of Chinese espionage efforts....
http://www.fireeye.com/blog/threat-research/2019/10/messagetap-who-is-reading-your-text-messages.html
Published: 2019 10 31 13:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: MESSAGETAP: Who’s Reading Your Text Messages? - published about 5 years ago. Content: FireEye Mandiant recently discovered a new malware family used by APT41 (a Chinese APT group) that is designed to monitor and save SMS traffic from specific phone numbers, IMSI numbers and keywords for subsequent theft. Named MESSAGETAP, the tool was deployed by APT41 in a telecommunications network provider in support of Chinese espionage efforts.... http://www.fireeye.com/blog/threat-research/2019/10/messagetap-who-is-reading-your-text-messages.html Published: 2019 10 31 13:00:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Attention is All They Need: Combatting Social Media Information Operations With Neural Language Models - published about 5 years ago.
Content: Information operations have flourished on social media in part because they can be conducted cheaply, are relatively low risk, have immediate global reach, and can exploit the type of viral amplification incentivized by platforms. Using networks of coordinated accounts, social media-driven information operations disseminate and amplify content desi...
http://www.fireeye.com/blog/threat-research/2019/11/combatting-social-media-information-operations-neural-language-models.html
Published: 2019 11 14 17:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: Information operations have flourished on social media in part because they can be conducted cheaply, are relatively low risk, have immediate global reach, and can exploit the type of viral amplification incentivized by platforms. Using networks of coordinated accounts, social media-driven information operations disseminate and amplify content desi...
http://www.fireeye.com/blog/threat-research/2019/11/combatting-social-media-information-operations-neural-language-models.html
Published: 2019 11 14 17:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Attention is All They Need: Combatting Social Media Information Operations With Neural Language Models - published about 5 years ago. Content: Information operations have flourished on social media in part because they can be conducted cheaply, are relatively low risk, have immediate global reach, and can exploit the type of viral amplification incentivized by platforms. Using networks of coordinated accounts, social media-driven information operations disseminate and amplify content desi... http://www.fireeye.com/blog/threat-research/2019/11/combatting-social-media-information-operations-neural-language-models.html Published: 2019 11 14 17:00:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: FIDL: FLARE’s IDA Decompiler Library - published almost 5 years ago.
Content: IDA Pro and the Hex Rays decompiler are a core part of any toolkit for reverse engineering and vulnerability research. In a previous blog post we discussed how the Hex-Rays API can be used to solve small, well-defined problems commonly seen as part of malware analysis. Having access to a higher-level representation of binary code makes the Hex-Rays...
http://www.fireeye.com/blog/threat-research/2019/11/fidl-flare-ida-decompiler-library.html
Published: 2019 11 25 20:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: IDA Pro and the Hex Rays decompiler are a core part of any toolkit for reverse engineering and vulnerability research. In a previous blog post we discussed how the Hex-Rays API can be used to solve small, well-defined problems commonly seen as part of malware analysis. Having access to a higher-level representation of binary code makes the Hex-Rays...
http://www.fireeye.com/blog/threat-research/2019/11/fidl-flare-ida-decompiler-library.html
Published: 2019 11 25 20:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: FIDL: FLARE’s IDA Decompiler Library - published almost 5 years ago. Content: IDA Pro and the Hex Rays decompiler are a core part of any toolkit for reverse engineering and vulnerability research. In a previous blog post we discussed how the Hex-Rays API can be used to solve small, well-defined problems commonly seen as part of malware analysis. Having access to a higher-level representation of binary code makes the Hex-Rays... http://www.fireeye.com/blog/threat-research/2019/11/fidl-flare-ida-decompiler-library.html Published: 2019 11 25 20:00:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Breaking the Rules: A Tough Outlook for Home Page Attacks (CVE-2017-11774) - published almost 5 years ago.
Content: Attackers have a dirty little secret that is being used to conduct big intrusions. We’ll explain how they're "unpatching" an exploit and then provide new Outlook hardening guidance that is not available elsewhere. Specifically, this blog post covers field-tested automated registry processing for registry keys to protect against attacker attempts to...
http://www.fireeye.com/blog/threat-research/2019/12/breaking-the-rules-tough-outlook-for-home-page-attacks.html
Published: 2019 12 04 10:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: Attackers have a dirty little secret that is being used to conduct big intrusions. We’ll explain how they're "unpatching" an exploit and then provide new Outlook hardening guidance that is not available elsewhere. Specifically, this blog post covers field-tested automated registry processing for registry keys to protect against attacker attempts to...
http://www.fireeye.com/blog/threat-research/2019/12/breaking-the-rules-tough-outlook-for-home-page-attacks.html
Published: 2019 12 04 10:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Breaking the Rules: A Tough Outlook for Home Page Attacks (CVE-2017-11774) - published almost 5 years ago. Content: Attackers have a dirty little secret that is being used to conduct big intrusions. We’ll explain how they're "unpatching" an exploit and then provide new Outlook hardening guidance that is not available elsewhere. Specifically, this blog post covers field-tested automated registry processing for registry keys to protect against attacker attempts to... http://www.fireeye.com/blog/threat-research/2019/12/breaking-the-rules-tough-outlook-for-home-page-attacks.html Published: 2019 12 04 10:00:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: The FireEye Approach to Operational Technology Security - published almost 5 years ago.
Content: Today FireEye launches the Cyber Physical Threat Intelligence subscription, which provides cyber security professionals with unmatched context, data and actionable analysis on threats and risk to cyber physical systems. In light of this release, we thought it would be helpful to explain FireEye’s philosophy and broader approach to operational techn...
http://www.fireeye.com/blog/threat-research/2019/12/fireeye-approach-to-operational-technology-security.html
Published: 2019 12 11 13:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: Today FireEye launches the Cyber Physical Threat Intelligence subscription, which provides cyber security professionals with unmatched context, data and actionable analysis on threats and risk to cyber physical systems. In light of this release, we thought it would be helpful to explain FireEye’s philosophy and broader approach to operational techn...
http://www.fireeye.com/blog/threat-research/2019/12/fireeye-approach-to-operational-technology-security.html
Published: 2019 12 11 13:00:00
Received: 2021 11 03 23:00:22
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: The FireEye Approach to Operational Technology Security - published almost 5 years ago. Content: Today FireEye launches the Cyber Physical Threat Intelligence subscription, which provides cyber security professionals with unmatched context, data and actionable analysis on threats and risk to cyber physical systems. In light of this release, we thought it would be helpful to explain FireEye’s philosophy and broader approach to operational techn... http://www.fireeye.com/blog/threat-research/2019/12/fireeye-approach-to-operational-technology-security.html Published: 2019 12 11 13:00:00 Received: 2021 11 03 23:00:22 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Alleged Twitter hacker charged with theft of $784K in crypto via SIM swaps - published about 3 years ago.
Content:
https://www.bleepingcomputer.com/news/security/alleged-twitter-hacker-charged-with-theft-of-784k-in-crypto-via-sim-swaps/
Published: 2021 11 03 22:55:49
Received: 2021 11 03 23:00:09
Feed: Bleeping Computer - All News Feeds
Source: Bleeping Computer
Category: News
Topic: Cyber Security
Content:
https://www.bleepingcomputer.com/news/security/alleged-twitter-hacker-charged-with-theft-of-784k-in-crypto-via-sim-swaps/
Published: 2021 11 03 22:55:49
Received: 2021 11 03 23:00:09
Feed: Bleeping Computer - All News Feeds
Source: Bleeping Computer
Category: News
Topic: Cyber Security
|
Article: Alleged Twitter hacker charged with theft of $784K in crypto via SIM swaps - published about 3 years ago. Content: https://www.bleepingcomputer.com/news/security/alleged-twitter-hacker-charged-with-theft-of-784k-in-crypto-via-sim-swaps/ Published: 2021 11 03 22:55:49 Received: 2021 11 03 23:00:09 Feed: Bleeping Computer - All News Feeds Source: Bleeping Computer Category: News Topic: Cyber Security |
|
Article: Ransomware fears drive Aussie IT security spending towards $4.6B - ARN - published about 3 years ago.
Content: Amid a climate of regular ransomware attacks and tightening legislation, Australia's enterprise cyber security spending is set for a boom over the ...
https://www.arnnet.com.au/article/692701/ransomware-fears-drive-aussie-it-security-spending-towards-4-6b/
Published: 2021 11 02 10:27:31
Received: 2021 11 03 22:01:39
Feed: Google Alert – "cyber security"
Source: Google Alert
Category: News
Topic: Cyber Security
Content: Amid a climate of regular ransomware attacks and tightening legislation, Australia's enterprise cyber security spending is set for a boom over the ...
https://www.arnnet.com.au/article/692701/ransomware-fears-drive-aussie-it-security-spending-towards-4-6b/
Published: 2021 11 02 10:27:31
Received: 2021 11 03 22:01:39
Feed: Google Alert – "cyber security"
Source: Google Alert
Category: News
Topic: Cyber Security
|
Article: Ransomware fears drive Aussie IT security spending towards $4.6B - ARN - published about 3 years ago. Content: Amid a climate of regular ransomware attacks and tightening legislation, Australia's enterprise cyber security spending is set for a boom over the ... https://www.arnnet.com.au/article/692701/ransomware-fears-drive-aussie-it-security-spending-towards-4-6b/ Published: 2021 11 02 10:27:31 Received: 2021 11 03 22:01:39 Feed: Google Alert – "cyber security" Source: Google Alert Category: News Topic: Cyber Security |
|
Article: Integrated system to be developed to stop cyberattacks, says minister - The News International - published about 3 years ago.
Content: The successful cyber security experts will not only receive huge cash prizes but also become a part of the Computer Emergency Response Team (CERT) ...
https://www.thenews.com.pk/print/905253-integrated-system-to-be-developed-to-stop-cyberattacks-says-minister
Published: 2021 11 02 13:03:09
Received: 2021 11 03 22:01:39
Feed: Google Alert – "cyber security"
Source: Google Alert
Category: News
Topic: Cyber Security
Content: The successful cyber security experts will not only receive huge cash prizes but also become a part of the Computer Emergency Response Team (CERT) ...
https://www.thenews.com.pk/print/905253-integrated-system-to-be-developed-to-stop-cyberattacks-says-minister
Published: 2021 11 02 13:03:09
Received: 2021 11 03 22:01:39
Feed: Google Alert – "cyber security"
Source: Google Alert
Category: News
Topic: Cyber Security
|
Article: Integrated system to be developed to stop cyberattacks, says minister - The News International - published about 3 years ago. Content: The successful cyber security experts will not only receive huge cash prizes but also become a part of the Computer Emergency Response Team (CERT) ... https://www.thenews.com.pk/print/905253-integrated-system-to-be-developed-to-stop-cyberattacks-says-minister Published: 2021 11 02 13:03:09 Received: 2021 11 03 22:01:39 Feed: Google Alert – "cyber security" Source: Google Alert Category: News Topic: Cyber Security |
Article: Annual Conference Focuses On Healthcare Cybersecurity | State | iosconews.com - published about 3 years ago.
Content: HOLLAND, Mich., Nov. 2, 2021 /PRNewswire/ -- The Michigan Healthcare Cyber Security Council and InvestUP are pleased to host Building Resilience ...
https://www.iosconews.com/news/state/article_39c73e6b-0d8a-50f3-b198-0419af0206c8.html
Published: 2021 11 02 19:08:30
Received: 2021 11 03 22:01:39
Feed: Google Alert – "cyber security"
Source: Google Alert
Category: News
Topic: Cyber Security
Content: HOLLAND, Mich., Nov. 2, 2021 /PRNewswire/ -- The Michigan Healthcare Cyber Security Council and InvestUP are pleased to host Building Resilience ...
https://www.iosconews.com/news/state/article_39c73e6b-0d8a-50f3-b198-0419af0206c8.html
Published: 2021 11 02 19:08:30
Received: 2021 11 03 22:01:39
Feed: Google Alert – "cyber security"
Source: Google Alert
Category: News
Topic: Cyber Security
|
Article: Annual Conference Focuses On Healthcare Cybersecurity | State | iosconews.com - published about 3 years ago. Content: HOLLAND, Mich., Nov. 2, 2021 /PRNewswire/ -- The Michigan Healthcare Cyber Security Council and InvestUP are pleased to host Building Resilience ... https://www.iosconews.com/news/state/article_39c73e6b-0d8a-50f3-b198-0419af0206c8.html Published: 2021 11 02 19:08:30 Received: 2021 11 03 22:01:39 Feed: Google Alert – "cyber security" Source: Google Alert Category: News Topic: Cyber Security |
|
Article: APT39: An Iranian Cyber Espionage Group Focused on Personal Information - published almost 6 years ago.
Content: UPDATE (Jan. 30): Figure 1 has been updated to more accurately reflect APT39 targeting. Specifically, Australia, Norway and South Korea have been removed. In December 2018, FireEye identified APT39 as an Iranian cyber espionage group responsible for widespread theft of personal information. We have tracked activity linked to this group since ...
http://www.fireeye.com/blog/threat-research/2019/01/apt39-iranian-cyber-espionage-group-focused-on-personal-information.html
Published: 2019 01 29 11:00:00
Received: 2021 11 03 22:01:31
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: UPDATE (Jan. 30): Figure 1 has been updated to more accurately reflect APT39 targeting. Specifically, Australia, Norway and South Korea have been removed. In December 2018, FireEye identified APT39 as an Iranian cyber espionage group responsible for widespread theft of personal information. We have tracked activity linked to this group since ...
http://www.fireeye.com/blog/threat-research/2019/01/apt39-iranian-cyber-espionage-group-focused-on-personal-information.html
Published: 2019 01 29 11:00:00
Received: 2021 11 03 22:01:31
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: APT39: An Iranian Cyber Espionage Group Focused on Personal Information - published almost 6 years ago. Content: UPDATE (Jan. 30): Figure 1 has been updated to more accurately reflect APT39 targeting. Specifically, Australia, Norway and South Korea have been removed. In December 2018, FireEye identified APT39 as an Iranian cyber espionage group responsible for widespread theft of personal information. We have tracked activity linked to this group since ... http://www.fireeye.com/blog/threat-research/2019/01/apt39-iranian-cyber-espionage-group-focused-on-personal-information.html Published: 2019 01 29 11:00:00 Received: 2021 11 03 22:01:31 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: 5 MITRE ATT&CK Tactics Most Frequently Detected by Cisco Secure Firewalls - published about 3 years ago.
Content:
https://www.darkreading.com/edge-threat-monitor/5-mitre-attck-tactics-most-frequently-detected-by-cisco-secure-firewalls
Published: 2021 11 03 20:07:50
Received: 2021 11 03 22:00:06
Feed: Dark Reading:
Source: Dark Reading
Category: News
Topic: Cyber Security
Content:
https://www.darkreading.com/edge-threat-monitor/5-mitre-attck-tactics-most-frequently-detected-by-cisco-secure-firewalls
Published: 2021 11 03 20:07:50
Received: 2021 11 03 22:00:06
Feed: Dark Reading:
Source: Dark Reading
Category: News
Topic: Cyber Security
|
Article: 5 MITRE ATT&CK Tactics Most Frequently Detected by Cisco Secure Firewalls - published about 3 years ago. Content: https://www.darkreading.com/edge-threat-monitor/5-mitre-attck-tactics-most-frequently-detected-by-cisco-secure-firewalls Published: 2021 11 03 20:07:50 Received: 2021 11 03 22:00:06 Feed: Dark Reading: Source: Dark Reading Category: News Topic: Cyber Security |
Article: CISA Issues New Directive for Patching Known Exploited Vulnerabilities - published about 3 years ago.
Content:
https://www.darkreading.com/vulnerabilities-threats/cisa-issues-new-directive-for-patching-known-exploited-vulnerabilities
Published: 2021 11 03 20:45:21
Received: 2021 11 03 22:00:06
Feed: Dark Reading:
Source: Dark Reading
Category: News
Topic: Cyber Security
Content:
https://www.darkreading.com/vulnerabilities-threats/cisa-issues-new-directive-for-patching-known-exploited-vulnerabilities
Published: 2021 11 03 20:45:21
Received: 2021 11 03 22:00:06
Feed: Dark Reading:
Source: Dark Reading
Category: News
Topic: Cyber Security
|
Article: CISA Issues New Directive for Patching Known Exploited Vulnerabilities - published about 3 years ago. Content: https://www.darkreading.com/vulnerabilities-threats/cisa-issues-new-directive-for-patching-known-exploited-vulnerabilities Published: 2021 11 03 20:45:21 Received: 2021 11 03 22:00:06 Feed: Dark Reading: Source: Dark Reading Category: News Topic: Cyber Security |
|
Article: CVE-2021-43141 - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43141
Published: 2021 11 03 19:15:07
Received: 2021 11 03 21:06:24
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43141
Published: 2021 11 03 19:15:07
Received: 2021 11 03 21:06:24
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2021-43141 - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43141 Published: 2021 11 03 19:15:07 Received: 2021 11 03 21:06:24 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
|
Article: CVE-2021-43140 - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43140
Published: 2021 11 03 19:15:07
Received: 2021 11 03 21:06:24
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43140
Published: 2021 11 03 19:15:07
Received: 2021 11 03 21:06:24
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2021-43140 - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-43140 Published: 2021 11 03 19:15:07 Received: 2021 11 03 21:06:24 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
Article: CVE-2021-41174 - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41174
Published: 2021 11 03 18:15:08
Received: 2021 11 03 21:06:24
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41174
Published: 2021 11 03 18:15:08
Received: 2021 11 03 21:06:24
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2021-41174 - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41174 Published: 2021 11 03 18:15:08 Received: 2021 11 03 21:06:24 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
|
Article: CVE-2021-41134 - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41134
Published: 2021 11 03 18:15:08
Received: 2021 11 03 21:06:24
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41134
Published: 2021 11 03 18:15:08
Received: 2021 11 03 21:06:24
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2021-41134 - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41134 Published: 2021 11 03 18:15:08 Received: 2021 11 03 21:06:24 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
|
Article: CVE-2021-3705 (laserjet_pro_j8h60a_firmware, laserjet_pro_j8h61a_firmware) - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3705
Published: 2021 11 01 14:15:07
Received: 2021 11 03 21:06:22
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3705
Published: 2021 11 01 14:15:07
Received: 2021 11 03 21:06:22
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2021-3705 (laserjet_pro_j8h60a_firmware, laserjet_pro_j8h61a_firmware) - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3705 Published: 2021 11 01 14:15:07 Received: 2021 11 03 21:06:22 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
Article: CVE-2021-23820 - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23820
Published: 2021 11 03 18:15:08
Received: 2021 11 03 21:06:20
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23820
Published: 2021 11 03 18:15:08
Received: 2021 11 03 21:06:20
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2021-23820 - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23820 Published: 2021 11 03 18:15:08 Received: 2021 11 03 21:06:20 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
|
Article: CVE-2021-23807 - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23807
Published: 2021 11 03 18:15:08
Received: 2021 11 03 21:06:20
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23807
Published: 2021 11 03 18:15:08
Received: 2021 11 03 21:06:20
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2021-23807 - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23807 Published: 2021 11 03 18:15:08 Received: 2021 11 03 21:06:20 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
|
Article: CVE-2021-23784 - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23784
Published: 2021 11 03 18:15:08
Received: 2021 11 03 21:06:20
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23784
Published: 2021 11 03 18:15:08
Received: 2021 11 03 21:06:20
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2021-23784 - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23784 Published: 2021 11 03 18:15:08 Received: 2021 11 03 21:06:20 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
Article: CVE-2021-23624 - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23624
Published: 2021 11 03 18:15:08
Received: 2021 11 03 21:06:20
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23624
Published: 2021 11 03 18:15:08
Received: 2021 11 03 21:06:20
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2021-23624 - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23624 Published: 2021 11 03 18:15:08 Received: 2021 11 03 21:06:20 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
|
Article: CVE-2021-23509 - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23509
Published: 2021 11 03 18:15:08
Received: 2021 11 03 21:06:20
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23509
Published: 2021 11 03 18:15:08
Received: 2021 11 03 21:06:20
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2021-23509 - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23509 Published: 2021 11 03 18:15:08 Received: 2021 11 03 21:06:20 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
|
Article: CVE-2021-23472 - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23472
Published: 2021 11 03 18:15:08
Received: 2021 11 03 21:06:20
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23472
Published: 2021 11 03 18:15:08
Received: 2021 11 03 21:06:20
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2021-23472 - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-23472 Published: 2021 11 03 18:15:08 Received: 2021 11 03 21:06:20 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
Article: CVE-2021-22037 (installbuilder) - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22037
Published: 2021 10 29 12:15:07
Received: 2021 11 03 21:06:19
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22037
Published: 2021 10 29 12:15:07
Received: 2021 11 03 21:06:19
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2021-22037 (installbuilder) - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22037 Published: 2021 10 29 12:15:07 Received: 2021 11 03 21:06:19 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
|
Article: CVE-2020-23754 (phpfusion) - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-23754
Published: 2021 11 02 18:15:08
Received: 2021 11 03 21:06:18
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-23754
Published: 2021 11 02 18:15:08
Received: 2021 11 03 21:06:18
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2020-23754 (phpfusion) - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-23754 Published: 2021 11 02 18:15:08 Received: 2021 11 03 21:06:18 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
|
Article: CVE-2020-23719 (zibbs) - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-23719
Published: 2021 11 02 18:15:08
Received: 2021 11 03 21:06:18
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-23719
Published: 2021 11 02 18:15:08
Received: 2021 11 03 21:06:18
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2020-23719 (zibbs) - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-23719 Published: 2021 11 02 18:15:08 Received: 2021 11 03 21:06:18 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
Article: CVE-2020-23718 (zibbs) - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-23718
Published: 2021 11 02 18:15:08
Received: 2021 11 03 21:06:18
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-23718
Published: 2021 11 02 18:15:08
Received: 2021 11 03 21:06:18
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2020-23718 (zibbs) - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-23718 Published: 2021 11 02 18:15:08 Received: 2021 11 03 21:06:18 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
|
Article: CVE-2020-23685 (188jianzhan) - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-23685
Published: 2021 11 02 18:15:08
Received: 2021 11 03 21:06:18
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-23685
Published: 2021 11 02 18:15:08
Received: 2021 11 03 21:06:18
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2020-23685 (188jianzhan) - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-23685 Published: 2021 11 02 18:15:08 Received: 2021 11 03 21:06:18 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
|
Article: CVE-2020-18263 - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18263
Published: 2021 11 03 18:15:07
Received: 2021 11 03 21:06:18
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18263
Published: 2021 11 03 18:15:07
Received: 2021 11 03 21:06:18
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2020-18263 - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18263 Published: 2021 11 03 18:15:07 Received: 2021 11 03 21:06:18 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
Article: CVE-2020-18262 - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18262
Published: 2021 11 03 18:15:07
Received: 2021 11 03 21:06:18
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18262
Published: 2021 11 03 18:15:07
Received: 2021 11 03 21:06:18
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2020-18262 - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18262 Published: 2021 11 03 18:15:07 Received: 2021 11 03 21:06:18 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
|
Article: CVE-2020-18261 - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18261
Published: 2021 11 03 18:15:07
Received: 2021 11 03 21:06:18
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18261
Published: 2021 11 03 18:15:07
Received: 2021 11 03 21:06:18
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2020-18261 - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18261 Published: 2021 11 03 18:15:07 Received: 2021 11 03 21:06:18 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
|
Article: CVE-2020-18259 - published about 3 years ago.
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18259
Published: 2021 11 03 18:15:07
Received: 2021 11 03 21:06:18
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
Content:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18259
Published: 2021 11 03 18:15:07
Received: 2021 11 03 21:06:18
Feed: National Vulnerability Database
Source: National Vulnerability Database
Category: Alerts
Topic: Vulnerabilities
|
Article: CVE-2020-18259 - published about 3 years ago. Content: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-18259 Published: 2021 11 03 18:15:07 Received: 2021 11 03 21:06:18 Feed: National Vulnerability Database Source: National Vulnerability Database Category: Alerts Topic: Vulnerabilities |
Article: TIWAP - Totally Insecure Web Application Project - published about 3 years ago.
Content:
http://www.kitploit.com/2021/11/tiwap-totally-insecure-web-application.html
Published: 2021 11 03 20:30:00
Received: 2021 11 03 21:05:35
Feed: PenTest and Hacking Tools - powered by FeedBurner
Source: PenTest and Hacking Tools - powered by FeedBurner
Category: News
Topic: Security Tooling
Content:
http://www.kitploit.com/2021/11/tiwap-totally-insecure-web-application.html
Published: 2021 11 03 20:30:00
Received: 2021 11 03 21:05:35
Feed: PenTest and Hacking Tools - powered by FeedBurner
Source: PenTest and Hacking Tools - powered by FeedBurner
Category: News
Topic: Security Tooling
|
Article: TIWAP - Totally Insecure Web Application Project - published about 3 years ago. Content: http://www.kitploit.com/2021/11/tiwap-totally-insecure-web-application.html Published: 2021 11 03 20:30:00 Received: 2021 11 03 21:05:35 Feed: PenTest and Hacking Tools - powered by FeedBurner Source: PenTest and Hacking Tools - powered by FeedBurner Category: News Topic: Security Tooling |
|
Article: Iranian Threat Group Updates Tactics, Techniques and Procedures in Spear Phishing Campaign - published over 6 years ago.
Content: Introduction From January 2018 to March 2018, through FireEye’s Dynamic Threat Intelligence, we observed attackers leveraging the latest code execution and persistence techniques to distribute malicious macro-based documents to individuals in Asia and the Middle East. We attribute this activity to TEMP.Zagros (reported by Palo Alto Networks and T...
http://www.fireeye.com/blog/threat-research/2018/03/iranian-threat-group-updates-ttps-in-spear-phishing-campaign.html
Published: 2018 03 13 16:15:00
Received: 2021 11 03 21:00:49
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: Introduction From January 2018 to March 2018, through FireEye’s Dynamic Threat Intelligence, we observed attackers leveraging the latest code execution and persistence techniques to distribute malicious macro-based documents to individuals in Asia and the Middle East. We attribute this activity to TEMP.Zagros (reported by Palo Alto Networks and T...
http://www.fireeye.com/blog/threat-research/2018/03/iranian-threat-group-updates-ttps-in-spear-phishing-campaign.html
Published: 2018 03 13 16:15:00
Received: 2021 11 03 21:00:49
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Iranian Threat Group Updates Tactics, Techniques and Procedures in Spear Phishing Campaign - published over 6 years ago. Content: Introduction From January 2018 to March 2018, through FireEye’s Dynamic Threat Intelligence, we observed attackers leveraging the latest code execution and persistence techniques to distribute malicious macro-based documents to individuals in Asia and the Middle East. We attribute this activity to TEMP.Zagros (reported by Palo Alto Networks and T... http://www.fireeye.com/blog/threat-research/2018/03/iranian-threat-group-updates-ttps-in-spear-phishing-campaign.html Published: 2018 03 13 16:15:00 Received: 2021 11 03 21:00:49 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: Surge in Spam Campaign Delivering Locky Ransomware Downloaders - published over 8 years ago.
Content: FireEye Labs is detecting a significant spike in Locky ransomware downloaders due to a pair of concurrent email spam campaigns impacting users in over 50 countries. Some of the top affected countries are depicted in Figure 1. Figure 1. Affected countries As seen in Figure 2, the steep spike starts on March 21, 2016, where Locky is running cam...
http://www.fireeye.com/blog/threat-research/2016/03/surge_in_spam_campai.html
Published: 2016 03 25 12:00:00
Received: 2021 11 03 21:00:47
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: FireEye Labs is detecting a significant spike in Locky ransomware downloaders due to a pair of concurrent email spam campaigns impacting users in over 50 countries. Some of the top affected countries are depicted in Figure 1. Figure 1. Affected countries As seen in Figure 2, the steep spike starts on March 21, 2016, where Locky is running cam...
http://www.fireeye.com/blog/threat-research/2016/03/surge_in_spam_campai.html
Published: 2016 03 25 12:00:00
Received: 2021 11 03 21:00:47
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Surge in Spam Campaign Delivering Locky Ransomware Downloaders - published over 8 years ago. Content: FireEye Labs is detecting a significant spike in Locky ransomware downloaders due to a pair of concurrent email spam campaigns impacting users in over 50 countries. Some of the top affected countries are depicted in Figure 1. Figure 1. Affected countries As seen in Figure 2, the steep spike starts on March 21, 2016, where Locky is running cam... http://www.fireeye.com/blog/threat-research/2016/03/surge_in_spam_campai.html Published: 2016 03 25 12:00:00 Received: 2021 11 03 21:00:47 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
Article: Extending Linux Executable Logging With The Integrity Measurement Architecture - published about 8 years ago.
Content: Gaining insight into the files being executed on your system is a great first step towards improved visibility on your endpoints. Taking this a step further, centrally storing logs of file execution data so they can be used for detection and hunting provides an excellent opportunity to find evil on your network. A SIEM, and to some degree your entir...
http://www.fireeye.com/blog/threat-research/2016/11/extending_linux_exec.html
Published: 2016 11 09 13:00:00
Received: 2021 11 03 21:00:47
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
Content: Gaining insight into the files being executed on your system is a great first step towards improved visibility on your endpoints. Taking this a step further, centrally storing logs of file execution data so they can be used for detection and hunting provides an excellent opportunity to find evil on your network. A SIEM, and to some degree your entir...
http://www.fireeye.com/blog/threat-research/2016/11/extending_linux_exec.html
Published: 2016 11 09 13:00:00
Received: 2021 11 03 21:00:47
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security
|
Article: Extending Linux Executable Logging With The Integrity Measurement Architecture - published about 8 years ago. Content: Gaining insight into the files being executed on your system is a great first step towards improved visibility on your endpoints. Taking this a step further, centrally storing logs of file execution data so they can be used for detection and hunting provides an excellent opportunity to find evil on your network. A SIEM, and to some degree your entir... http://www.fireeye.com/blog/threat-research/2016/11/extending_linux_exec.html Published: 2016 11 09 13:00:00 Received: 2021 11 03 21:00:47 Feed: FireEye Blog Source: FireEye Blog Category: Cyber Security Topic: Cyber Security |
|
Article: US Blacklists Israeli Firms NSO Group and Candiru - published about 3 years ago.
Content:
https://www.darkreading.com/threat-intelligence/us-blacklists-israeli-firms-nso-group-candiru
Published: 2021 11 03 19:35:00
Received: 2021 11 03 21:00:12
Feed: Dark Reading:
Source: Dark Reading
Category: News
Topic: Cyber Security
Content:
https://www.darkreading.com/threat-intelligence/us-blacklists-israeli-firms-nso-group-candiru
Published: 2021 11 03 19:35:00
Received: 2021 11 03 21:00:12
Feed: Dark Reading:
Source: Dark Reading
Category: News
Topic: Cyber Security
|
Article: US Blacklists Israeli Firms NSO Group and Candiru - published about 3 years ago. Content: https://www.darkreading.com/threat-intelligence/us-blacklists-israeli-firms-nso-group-candiru Published: 2021 11 03 19:35:00 Received: 2021 11 03 21:00:12 Feed: Dark Reading: Source: Dark Reading Category: News Topic: Cyber Security |
|
All Articles
Ordered by Date Received
: Year: "2021"
Month: "11"
Day: "03"
Page:
<<
<
2 (of 9)
>
>>
Total Articles in this collection: 466
- "All Articles" links back to the front page, effectivly the Planet "Home Page"; shows all articles, with no selections, or groupings.
- Default date ordering is by "Received Date" (due to not all RSS feeds having a "Published Date").
- Only Published Date selections use the articles Published Date.
- The first page always shows fifty items plus from zero to up to a remaining forty-nine items, before they are commited permently to the next page.
- All subsequent pages show fifty items.
- Pagination is in reverse ordering (so that pages are permamenent links, aka "permalinks", to their content).
- "<<" moves you to the first page (aka newest articles)
- ">>" moves you to the last page (aka oldest articles)
- "<" moves you to the previous page (aka newer articles)
- ">" moves you to the next page (aka older articles)
- Return to the top of this page Go Now
