Security News from 'FireEye Research' | www.SecurityPhresh.com
WOW64!Hooks: WOW64 Subsystem Internals And Hooking Techniques
9th Nov 2020 [14 days ago] from FireEye Research
Microsoft is known for their backwards compatibility. When they rolled out the 64-bit variant of Windows years ago they needed to provide compatibility with existing 32-bit applications. In order to provide seamless execution regardless of...
In Wild Critical Buffer Overflow Vulnerability In Solaris Can Allow Remote Takeover — CVE-2020-14871
4th Nov 2020 [19 days ago] from FireEye Research
FireEye Mandiant has been investigating compromised Oracle Solaris machines in customer environments. During our investigations, we discovered an exploit tool on a customer’s system and analyzed it to see how it was attacking their Solaris...
Live Off The Land? How About Bringing Your Own Island? An Overview Of UNC1945
2nd Nov 2020 [21 days ago] from FireEye Research
Through Mandiant investigation of intrusions between February 2018 and September 2020, the FLARE Advanced Practices team observed a group we track as UNC1945 compromise telecommunications companies and operate against a tailored set of targets...
Ransomware Protection And Containment Strategies: Practical Guidance For Endpoint Protection, Hardening, And Containment
30th Oct 2020 [24 days ago] from FireEye Research
UPDATE (Oct. 30, 2020): We have updated the report to include additional protection and containment strategies based on front-line visibility and response efforts in combating ransomware. While the full scope of recommendations included within...
Unhappy Hour Special: KEGTAP And SINGLEMALT With A Ransomware Chaser
28th Oct 2020 [26 days ago] from FireEye Research
Throughout 2020, ransomware activity has become increasingly prolific, relying on an ecosystem of distinct but co-enabling operations to gain access to targets of interest before conducting extortion. Mandiant Threat Intelligence has tracked...
Welcome To ThreatPursuit VM: A Threat Intelligence And Hunting Virtual Machine
28th Oct 2020 [27 days ago] from FireEye Research
Skilled adversaries can deceive detection and often employ new measures in their tradecraft. Keeping a stringent focus on the lifecycle and evolution of adversaries allows analysts to devise new detection mechanisms and response processes. Access...
Flare-On 7 Challenge Solutions
23rd Oct 2020 [one month ago] from FireEye Research
We are thrilled to announce the conclusion of the seventh annual Flare-On challenge. This year proved to be the most difficult challenge we’ve produced, with the lowest rate of finishers. This year’s winners are truly the elite of the...
FIN11: Widespread Email Campaigns As Precursor For Ransomware And Data Theft
13th Oct 2020 [one month ago] from FireEye Research
Mandiant Threat Intelligence recently promoted a threat cluster to a named FIN (or financially motivated) threat group for the first time since 2017. We have detailed FIN11’s various tactics, techniques and procedures in a report that is available...
Detecting Microsoft 365 And Azure Active Directory Backdoors
30th Sep 2020 [2 months ago] from FireEye Research
Mandiant has seen an uptick in incidents involving Microsoft 365 (M365) and Azure Active Directory (Azure AD). Most of these incidents are the result of a phishing email coercing a user to enter their credentials used for accessing M365 into...
Fuzzing Image Parsing In Windows, Part One: Color Profiles
23rd Sep 2020 [2 months ago] from FireEye Research
Image parsing and rendering are basic features of any modern operating system (OS). Image parsing is an easily accessible attack surface, and a vulnerability that may lead to remote code execution or information disclosure in such a feature...