Category: FireEye
The Invisible Risk – Why Supply Chain Is a Top Security Priority and What to Do About It
The security community received a very powerful and earth-shattering awakening when Heartbleed, a critical security bug in the OpenSSL cryptographic library, was disclosed in 2014. OpenSSL was and continues to be a critical component used to

Introduction to Reverse Engineering Cocoa Applications
While not as common as Windows malware, there has been a steady stream of malware discovered over the years that runs on the OS X operating system, now rebranded as macOS. February saw three particularly interesting publications on the topic of

Solving Ad-hoc Problems with Hex-Rays API
Introduction IDA Pro is the de facto standard when it comes to binary reverse engineering. Besides being a great disassembler and debugger, it is possible to extend it and include a powerful decompiler by purchasing an additional license from

To SDB, Or Not To SDB: FIN7 Leveraging Shim Databases for Persistence
In 2017, Mandiant responded to multiple incidents we attribute to FIN7, a financially motivated threat group associated with malicious operations dating back to 2015. Throughout the various environments, FIN7 leveraged the CARBANAK backdoor,

Writing a libemu/Unicorn Compatability Layer
In this post we are going to take a quick look at what it takes to write a libemu compatibility layer for the Unicorn engine. In the course of this work, we will also import the libemu Win32 environment to run under Unicorn. For a bit of

Helix: Not Just Another SIEM
Security information and event management (SIEM) tools have been around for some time. Yet, as the instruments of threat actors mature, tools to combat them must advance even faster. Many SIEMs from your Computer Information Science professor’s

Introducing GoCrack: A Managed Password Cracking Tool
FireEye's Innovation and Custom Engineering (ICE) team released a tool today called GoCrack that allows red teams to efficiently manage password cracking tasks across multiple GPU servers by providing an easy-to-use, web-based real-time UI

Advancing Cyber Risk Management: From Security to Resilience
Over the past few years, the ever-evolving cyber threat landscape and the dire and impactful consequences of cyber attacks have led to large-scale cyber attacks and data fraud ranking in the top five of most likely risks worldwide. Despite

Four Necessary Steps to Protect Election Infrastructure
Cyber criminals and hackers can create chaos in state and local voting and election systems – from disqualifying voters to corrupting data to launching denial-of-service attacks. For example, last summer 12 Russians were indicted by the

Apple Pay: A Security Analysis
Has Apple taken a bite out of hackers’ arsenals? The company is betting on it. Its recent announcement about a new secure payment option has the retail and tech worlds buzzing. If Apple can implement its near-field communication (NFC) payment