Threat Intelligence Reports

SYNful Knock: A Cisco Implant

Routers, which connect companies to the internet, are a recognized vulnerability that would allow attackers to easily establish a foothold in organizational networks and compromise other hosts and critical data. The recently discovered SYNful Knock implant is a real-life example of an attack that uses Cisco routers as a threat vector. Download this report to:

  • Understand the details of the compromise
  • See what the impact is and how to detect it
  • Find out how to remediate the threat

A Cisco Implant

Threat Intelligence on Advanced Attack Groups and Technology Vulnerabilities

FireEye regularly publishes threat intelligence reports that describe the members of advanced persistent threat (APT) groups, how they work, and how to recognize their tools, tactics, and procedures. Threat intelligence reports also cover vulnerabilities of specific business technologies, such as email, sandboxes, and mobile devices. With access to such details cyber security experts can build better defenses against these APT groups and advanced cyber attacks. 

HAMMERTOSS: Stealthy Tactics Define a Russian Cyber Threat Group

Threat research about the recently discovered HAMMERTOSS, a malware backdoor created by the Russian APT group APT29.

Download Report

An Inside Look: Into the World of Nigerian Scammers

Threat intelligence on a Nigeria-based scam, including its targets, tactics, organization, expertise, techniques, tools, and most importantly, how you can protect yourself from losing thousands of dollars.

Download Report

APT17: Hiding in Plain Sight - FireEye and Microsoft Expose Obfuscation Tactic

Threat intelligence on how the China-based APT17 group used Microsoft’s TechNet blog for its Command-and-Control (CnC) operation.

Download Report

Threat Intelligence: Independent Research


Threat Intelligence: Attack Groups

Threat Intelligence: Technologies