In the five years I have been a part of Mandiant's malware analysis team (now formally known as M-Labs) there have been times when I've had to reverse engineer chunks of shellcode. In this post I will give some background on shellcode import resolution techniques and how to automate IDA markup to allow faster shellcode reverse engineering.
Entries filed under 'Cybersecurity'
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
November 6, 2012 1:59 PM By Helena Brito
Somehow, November is upon us. We finally find ourselves facing the national and local elections that we've been anticipating for months - along with something we barely saw coming - the long road to recovery from Hurricane Sandy. For those still dealing with her aftermath, all of us at Mandiant send our best.
October 1, 2012 6:35 PM By Carlos Carrillo
October 9, 2012 8:45 PM By Kevin Albano
Part one of our three-part series on victim notifications introduced the concept of victim notifications and the basics of preparing for a notification. The second post of the series provided details on how companies can prepare for, validate, and respond to victim notifications. This post concludes the three-part series with a brief discussion around issues that organizations that provide victim notifications face and recommendations for how they can provide notifications in a practical and effective manner.
October 4, 2012 6:25 PM By Helena Brito