Security News from 'FireEye Research' | www.SecurityPhresh.com
Showing 'Security News from 'FireEye Research'' from 21 to 30
Malicious PowerShell Detection Via Machine Learning
10th Jul 2018 [4 months ago] from FireEye Research
Introduction: Cyber security vendors and researchers have reported for years how PowerShell is being used by cyber threat actors to install backdoors, execute malicious code, and otherwise achieve their objectives within enterprises. Security...
RIG Exploit Kit Delivering Monero Miner Via PROPagate Injection Technique
28th Jun 2018 [5 months ago] from FireEye Research
Introduction: Through FireEye Dynamic Threat Intelligence (DTI), we observed RIG Exploit Kit (EK) delivering a dropper that leverages the PROPagate injection technique to inject code that downloads and executes a Monero miner (similar has been...
Bring Your Own Land (BYOL) – A Novel Red Teaming Technique
18th Jun 2018 [5 months ago] from FireEye Research
Introduction: One of the most significant recent developments in sophisticated offensive operations is the use of “Living off the Land” (LotL) techniques by attackers. These techniques leverage legitimate tools present on the system, such as...
A Totally Tubular Treatise On TRITON And TriStation
7th Jun 2018 [6 months ago] from FireEye Research
Introduction: In December 2017, FireEye's Mandiant discussed an incident response involving the TRITON framework. The TRITON attack and many of the publicly discussed ICS intrusions involved routine techniques where the threat actors used only...
Reverse Engineering The Analyst: Building Machine Learning Models For The SOC
5th Jun 2018 [6 months ago] from FireEye Research
Many cyber incidents can be traced back to an original alert that was either missed or ignored by the Security Operations Center (SOC) or Incident Response (IR) team. While most analysts and SOCs are vigilant and responsive, the fact is they...
Remote Authentication GeoFeasibility Tool - GeoLogonalyzer
29th May 2018 [6 months ago] from FireEye Research
Users have long needed to access important resources such as virtual private networks (VPNs), web applications, and mail servers from anywhere in the world at any time. While the ability to access resources from anywhere is imperative for...
Shining A Light On OAuth Abuse With PwnAuth
21st May 2018 [6 months ago] from FireEye Research
Introduction: Spear phishing attacks are seen as one of the biggest cyber threats to an organization. It only takes one employee to enter their credentials or run some malware for an entire organization to become compromised. As such, companies...
A Deep Dive Into RIG Exploit Kit Delivering Grobios Trojan
14th May 2018 [6 months ago] from FireEye Research
As discussed in previous blogs, exploit kit activity has been on the decline since the latter half of 2016. However, we do still periodically observe significant developments in this space, and we have been observing interesting ongoing activity...
Behind The CARBANAK Backdoor
11th May 2018 [6 months ago] from FireEye Research
In this blog, we will take a closer look at the powerful, versatile backdoor known as CARBANAK (aka Anunak). Specifically, we will focus on the operational details of its use over the past few years, including its configuration, the minor...
Rooting A Logitech Harmony Hub: Improving Security In Today's IoT World
3rd May 2018 [7 months ago] from FireEye Research
Introduction: FireEye’s Mandiant Red Team recently discovered vulnerabilities present on the Logitech Harmony Hub Internet of Things (IoT) device that could potentially be exploited, resulting in root access to the device via SSH. The Harmony...