Category: FireEye
An Anatomy of a Public Cloud Compromise
In many ways, the public cloud is more secure than a traditional data center. And yet, assets on the public cloud are compromised all the same. To learn why, let’s […]
Calling All Hunters: FireEye Announces Bug Bounty Program
As security researchers and front-line defenders, we at FireEye understand the importance of investigating and responding to security issues. We also understand that—despite our best efforts—we cannot eradicate all security […]
COOKIEJAR: Tracking Adversaries With FireEye Endpoint Security’s Logon Tracker Module
During a recent investigation at a telecommunications company led by Mandiant Managed Defense, our team was tasked with rapidly identifying systems that had been accessed by a threat actor using […]
Intelligently Test Your Security Program Against MITRE ATT&CK Framework
For most organizations, implementing MITRE ATT&CK™ as part of a security program is a difficult task. Many lack the necessary resources and know-how to navigate a comprehensive validation against ATT&CK […]
Bypassing MassLogger Anti-Analysis — a Man-in-the-Middle Approach
The FireEye Front Line Applied Research & Expertise (FLARE) Team attempts to always stay on top of the most current and emerging threats. As a member of the FLARE Reverse […]
Announcing the Seventh Annual Flare-On Challenge
The FireEye Labs Advanced Reverse Engineering (FLARE) team is honored to announce that the popular Flare-On challenge will return for a triumphant seventh year. Ongoing global events proved no match against […]
Protecting Election Integrity With the Power of Hive-IQ
With local, state, and national elections fast approaching, the cyber security stakes are high. Citizens’ personal data and actual votes are valuable commodities for cyber criminals and bad actors. The […]
Obscured by Clouds: Insights into Office 365 Attacks and How Mandiant Managed Defense Investigates
With Business Email Compromises (BECs) showing no signs of slowing down, it is becoming increasingly important for security analysts to understand Office 365 (O365) breaches and how to properly investigate […]
‘Ghostwriter’ Influence Campaign: Unknown Actors Leverage Website Compromises and Fabricated Content to Push Narratives Aligned With Russian Security Interests
Mandiant Threat Intelligence has tied together several information operations that we assess with moderate confidence comprise part of a broader influence campaign—ongoing since at least March 2017—aligned with Russian security […]
FireEye – A Partner to the State, Local Government and Education Sectors
In previous blog posts, I spent a good deal of time focusing on the threat landscape facing State, Local Government and Education systems. Recently, I talked about risks to critical […]