Discover and read the best of Twitter Threads about #FireEyeSummit
Most recents (2)
"You've Got Mail"
@danielcabaniel @CyberAmyntas discussing email phishing and mail server attack trends
#FireEyeSummit
@danielcabaniel @CyberAmyntas discussing email phishing and mail server attack trends
#FireEyeSummit
APT34 compromised a trusted partner org - and used that to abuse trust (convinced user to enable macros) and successfully phish victim
Subsequently staged data theft files on the Exchange server as .png files and downloaded from the server.
#FireEyeSummit
Subsequently staged data theft files on the Exchange server as .png files and downloaded from the server.
#FireEyeSummit
C-level credential phished while on vacation - APT34 used account access to phish entire company. Even though infosec team blocked URL on web proxy - employees switched to guest wi-fi to access the URL.
#FireEyeSummit
#FireEyeSummit
First up Matias and Adrian discussing investigating the threat actor that MSFT calls Platinum
...and right out of the gate the threat actor steals your EDR agent installer 😮 #SignsThisProbablyIsntAScriptKiddie
#FireEyeSummit
...and right out of the gate the threat actor steals your EDR agent installer 😮 #SignsThisProbablyIsntAScriptKiddie
#FireEyeSummit
How do you hunt for ACI Shim persistence? Multiple different techniques - but the Windows Program-Telemetry logs are a great place to look
#FireEyeSummit
#FireEyeSummit
