Cyber espionage is traditionally understood as a method aimed at achieving an information edge or a strategic goal. However, our research on malware activity related to the ongoing conflict in Syria indicates that such operations can provide actionable military intelligence for an immediate battlefield advantage. We release a new report “Behind the Syrian Conflict’s Digital Frontlines,” that documents a well-executed hacking operation that successfully breached the Syrian opposition.

Having some of the world’s most active economies, Asia Pacific countries are more likely to be a target of targeted attacks than the rest of the world. In “Operation Quantum Entanglement”, “Pacific Ring of Fire: PlugX / Kaba” and other FireEye reports, we have highlighted how Northeast Asian countries have been at the centre of advanced attacks. Today, we release a new report “APT 30 and the Mechanics of a Long-Running Cyber Espionage Operation,” which documents about a threat group, APT 30, who has consistently targeted Southeast Asia and India over the past decade.

Advanced targeted cyber attacks are increasing every year; being prepared with an incident response plan can minimize their duration and impact. In this white paper, read about 12 recommended actions that will help you prepare for, respond to and remediate security threats quickly and effectively.

Download now to learn more.

SYNful Knock is a stealthy modification of the router's firmware image that can be used to maintain persistence within a victim's network. It is customizable and modular in nature and thus can be updated once implanted. Even the presence of the backdoor can be difficult to detect as it uses non-standard packets as a form of pseudo-authentication.

The initial infection vector does not appear to leverage a zero-day vulnerability. It is believed that the credentials are either default or discovered by the attacker in order to install the backdoor. However, the router's position in the network makes it an ideal target for re-entry or further infection. Read this Whitepaper to learn more.

Protecting against advanced cyber-attacks requires, among other things, that you meet the same level of sophistication as your attackers. Unfortunately, most current security technologies fail to meet that bar, resulting in organizations being breached when they thought they were protected.

A resulting breach can be devastating, leading most organizations to re-evaluate their security program. Critically evaluating your security program in its entirety and looking for the areas it can be improved is a daunting task.

In spite of the best efforts of the cyber security industry to protect computer networks, breaches still happen, causing millions of dollars in damage, tainting the reputation of corporations, and causing end users to lose confidence in the security of their personal information. Given that new reality, it’s not enough for organizations to try to protect their networks from a breach, but to have an effective response plan in place for when a breach occurs anyway.

Today, companies need to conduct a comprehensive response readiness assessment that lays out what steps to take in the event of a breach in order to minimize the damage and recover from the intrusion as quickly as possible.

It’s not a question of if your organization will be breached. It’s a question of when.

Most attackers remain active in environments for a significant amount of time before being discovered. And only a small percentage of organizations discover the presence of advanced attackers themselves—most need to be informed by law enforcement or a proactive third-party security firm. By then, an attacker could do a great deal of damage.

A compromise assessment answers the all-important question: Have you been breached?

M-Trends 2016 provides trends, statistics and case studies to illustrate how advanced threat actors have evolved over the past year.
The annual report was compiled by consultants at Mandiant, a FireEye company, and is based on hundreds of Mandiant incident response investigations in more than 30 industry sectors. It offers recommendations on how organizations can improve the way they prevent, detect, analyze and respond to cyber attacks.