Federal agencies need to ensure they're making the right investments to reduce the most amount of cyber risk, and that's where FireEye can help.

Gartner addresses XDR in their latest report, which contains various insights and highlights the need for XDR in the modern SOC. 

Mandiant's Cyber Crime team joins the podcast to discuss ransomware, data theft extortion, and more.

Cyber threat activity affects governments, businesses, and societies across Latin America and the Caribbean, so here are some of the top threats we are seeing.  

We've been busy here on team agent at MANDIANT. In the spirit of our long-standing support of free software in the Incident Response community, we are happy to announce the release of, Web Historian 2.0, . This release is a complete rewrite and revamp of our very popular web history extraction tool. This version of Web Historian comes packed with features and supports Firefox 2/3+, Chrome 3+, and Internet Explorer versions 5 through 8. Here is a quick run-down of some of the new features:

For an attacker to maintain a foothold inside your network they will typically install a piece of backdoor malware on at least one of your systems. The malware needs to be installed persistently, meaning that it will remain active in the event of a reboot. Most persistence techniques on a Microsoft Windows platform involve the use of the Registry. Notable exceptions include the Startup Folder and trojanizing system binaries. Examining malware persistence locations in the Windows Registry and startup locations is a common technique employed by forensic investigators to identify malware on a host. Each persistence technique commonly seen today leaves a forensic footprint which can be easily collected using most forensic software on the market.

It's tricky to track botnets through their command and control, we discuss the false positive issue in detail.

Recently, I wanted to dig deep into a forensic artifact resident in the Windows Registry using only tools native to my favorite operating system: Linux.

Today, The Mandiant® Intelligence Center™ released an unprecedented report exposing APT1's multi-year, enterprise-scale computer espionage campaign. APT1 is one of dozens of threat groups Mandiant tracks around the world and we consider it to be one of the most prolific in terms of the sheer quantity of information it has stolen.