Readers of the FireEye blogs include some of the brightest analysts, researchers, responders and thought leaders in the industry. To ensure we continue to deliver the content they crave in 2019, we decided to take an extensive look back at our blogs in 2018.
From Jan. 1 to Dec. 31, 2018, we published more than 120 posts across our three blogs: Threat Research, Products and Services and Executive Perspectives. That’s roughly one post every three days – not too shabby! From rereading posts to reviewing performance data, we learned quite a bit about what was working (and what wasn’t working) on our blogs in 2018.
Here are some highlights and other fun facts about the FireEye blogs last year:
- We published 50 posts under Products and Services, 49 posts under Threat Research, and 23 posts under Executive Perspectives.
- Our most popular post published in 2018 was about a suspected Iranian influence operation involving inauthentic news and social media sites.
- The Iranian influence operation post was actually our second most popular post overall – our top performing post was about the ICS attack framework TRITON (it was published in mid-December 2017).
- The top performing Products and Services blog post of 2018 was also published in the same year – it was about the highly critical Meltdown and Spectre vulnerabilities.
- One of our highest performing Executive Perspectives blog posts about building a botnet was originally published more than half a decade ago in 2013.
We’d like to give a huge shout-out to the hundreds of FireEye (and guest) authors who took time out of their busy days and evenings to write about pressing activity and other hot topics. We also extend our deepest appreciation to our readers who regularly turn to us as a valuable source of information, and who frequently engage with us on social media and other platforms.
To close out our review of the FireEye blogs in 2018, we thought it best to choose five posts per blog that best represent what each blog has to offer. The following posts weren’t chosen because they’re the most popular or the most unique – these posts (all published in 2018) simply represent the wide variety of topics that we cover on each blog.
Threat Research – Attacks, Vulnerabilities, Tools, Techniques and Other Technical Topics
- “Attacks Leveraging Adobe Zero-Day (CVE-2018-4878) – Threat Attribution, Attack Scenario and Recommendations” – Our investigation into an Adobe Flash zero-day vulnerability that we assess was being leveraged by a suspected North Korean group we track as TEMP.Reaper.
- “Shining a Light on OAuth Abuse with PwnAuth” – PwnAuth is a web application framework that makes it easier for organizations to test their ability to detect and respond to OAuth abuse campaigns.
- “Bring Your Own Land (BYOL) – A Novel Red Teaming Technique” – Attackers no longer need to rely on the tools present on the target system; they can instead write and deliver their own tools using a technique we call Bring Your Own Land (BYOL).
- “ICS Tactical Security Trends: Analysis of the Most Frequent Security Risks Observed in the Field” – We compiled data to identify the most pervasive and highest priority security risks in industrial facilities.
- “Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign” – We detected targeted phishing activity suspected to be from APT29 at more than 20 of our clients across multiple industries.
Products and Services – Solutions, Services and What FireEye is Up To
- “Help Secure Your Email Against Today's Most Dangerous Threats” – FireEye Email Security detects and blocks malicious emails and phishing URLs, and now can detect impersonation attacks.
- “Tackling the Cyber Security Need for Speed with Network Forensics” – Response-related technologies such as network forensics play a critical role in any enterprise security architecture.
- “MalwareGuard: FireEye’s Machine Learning Model to Detect and Prevent Malware” – With MalwareGuard, customers are able to detect and prevent malware from executing, and detect new malware on day zero that traditional AV technology misses.
- “Gaining a Tactical, Operational and Strategic Advantage with Cyber Threat Intelligence” – Learn about cyber threat intelligence and how organizations stand to benefit from implementing this important capability.
- “Announcing the New FireEye Market” – FireEye Market is a site designed to enable the discovery of free FireEye tools and product add-ons.
Executive Perspectives – High-level Discussion of News and Trends by and for Business Leaders
- “Disinformation Through Fabricated News Sites” – Information operations campaigns are conducted seemingly every day by a wide variety of individuals, from less sophisticated hacktivists to nation-state backed actors.
- “An Anatomy of a Public Cloud Compromise” – We dive into an example of a public cloud compromise and illustrate how threat actors are having success.
- “The Future of WHOIS Searches Under the EU General Data Protection Regulation (GDPR)” – Privacy laws occasionally conflict with the work of security professionals and law enforcement agencies, such as GDPR impacting the ICANN WHOIS Database.
- “Tabletop Exercises – Strengthening Your Cyber Preparedness” – Being prepared for a cyber attack is a must these days; tabletop exercises will evaluate your organization’s ability to effectively execute your cyber incident response plan.
- “Four Keys to Leveraging Cyber Threat Intelligence” – Effective cyber threat intelligence programs generate useful, timely and accurate insights to help leadership manage the agency’s overall risk.
Other topics we cover that aren’t represented on those lists include our Eye on Security podcast series, our State of the Hack series, awards and honors, big reports such as M-Trends and Predictions, webinars and conferences that we hold and attend throughout the year, customer stories, and more.
We got off to a great start in the initial weeks of 2019 with blog posts on a suspected Iranian DNS hijacking campaign, the latest release of FireEye Email Security – Server Edition, and improving election security for State and Local Government. And we have a lot more where that came from, so return to our blogs regularly for all of the latest on FireEye and cyber security.