Jamie Butler named to the Black Hat Review Board
Written by Travis Reese
MANDIANT would like to congratulate Jamie Butler on his appointment to the Black Hat Review Board. Black Hat is one of the premier technical security conferences, and Jamie’s appointment to its board is a testament to his contributions in advancing the field of computer security.
Tags: Black Hat, incident response, malware analysis, Memory analysis, speaking, The Suite Spot, Training
zynamics VxClass and memory analysis
Written by Jamie Butler
First, let me start by saying thanks to our users for the more than 10,000 unique downloads of Memoryze and Audit Viewer in 2010. Peter and I have been working with a lot of different people over the past couple of months to bring you this new release.
Tags: Audit Viewer, CanSecWest, malware classification, Memory analysis, Memoryze, Training, zynamics VxClass
Memory forensics on Windows 7 (x86 and x64) and Windows 2008 x64
Written by Jamie Butler
Next month Memoryze will be two years old and a lot has changed over that time. There has been a lot of interesting research in the field of memory forensics, and responders are finding value in the analysis.
Platform Support
From a tool perspective, other than the addition of a GUI called Audit Viewer and the added usability that the Malware Rating Index (MRI) provides, the most noticeable change is the expanding platform support.
Tags: DKOM attacks, Memory analysis, memory forensics, Memoryze, rootkits, Windows 2008, Windows 7
Stuxnet Memory Analysis and IOC creation
Written by Peter Silberman
The Stuxnet malware has been making the press recently for two reasons. First, it contains two drivers signed with a legitimate (at the time) cert. Second, it’s targeting SCADA systems. The malware is cool for a host of other geeky reasons.
Tags: IOC, IOCe, malware analysis, Memory analysis, Stuxnet
Honeynet Project: Challenge 3 of the Forensic Challenge 2010
Written by Helena Brito
The Honeynet Project has posted a forensic challenge centered around analyzing a memory image. The image represents the physical memory acquired from a host at a fictitious bank, which was the victim of an intruder. The Honeynet Project has come up with a series of questions that you must answer in order to solve the case.
Tags: Audit Viewer, Forensic Challenge, Honeynet Project, Memory analysis, Memoryze, prizes
Memory Analysis on Windows 2003 64-bit and What’s Next
Written by Jamie Butler
Peter and I have been busy planning for CanSecWest in a week. The course, Advanced Memory Forensics in Incident Response, is constantly evolving. It has been about a year and a half since Memoryze was released, and just over a year for Audit Viewer.
Tags: Audit Viewer, Black Hat USA, CanSecWest, Malware Rating Index, Memory analysis, memory forensics, Memoryze, MRI

