Entries filed under 'Memory analysis'
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
May 19, 2011 4:50 PM By Travis Reese
MANDIANT would like to congratulate Jamie Butler on his appointment to the Black Hat Review Board. Black Hat is one of the premier technical security conferences, and Jamie's appointment to its board is a testament to his contributions in advancing the field of computer security. Jamie has been a long-time trainer at this conference and will still be teaching Advanced Memory Forensics in Incident Response there with Peter Silberman. MANDIANT will also be teaching Malware Analysis, Advanced Malware Analysis, and Incident Response: Black Hat Edition at the 2011 show.
February 3, 2011 5:25 AM By Jamie Butler
First, let me start by saying thanks to our users for the more than 10,000 unique downloads of Memoryze and Audit Viewer in 2010. Peter and I have been working with a lot of different people over the past couple of months to bring you this new release. You can download version 1.4.4200 of Memoryze and Audit Viewer now. I will just touch on a few things of most interest. You can read the User Guides for the rest.
September 20, 2010 11:41 PM By Jamie Butler
July 21, 2010 11:16 PM By Peter Silberman
The Stuxnet malware has been making the press recently for two reasons. First, it contains two drivers signed with a legitimate (at the time) cert. Second, it is targeting SCADA systems. The malware is cool for a host of other geeky reasons. Nick Harbour, Stephen Davis, and I started looking at the malware Sunday afternoon. We had hoped to write a blog post about the specifics of the malware before we left for Vegas on Friday. However, in the short term I thought this malware would provide a great opportunity to demonstrate how memory analysis can be leveraged to find malware easily, and how MANDIANT's Indicator of Compromise editor (IOCe) tool can be used to describe the malware and what to look for.