Audit Viewer: Malware Rating Index Undocumented Features and Caveats
Written by Peter Silberman
Hopefully everyone has had a few weeks to recover from the M-Trends kickoff party in St. Louis and everyone has also had a chance to read the M-Trends report! I hope everyone enjoyed the talk I gave at DOD Cyber Crime Conference.
Tags: Audit Viewer, DC3, DOD Cyber Crime Conference, M-Trends, Malware Rating Index, Memoryze, MRI, MTrends
DOD Cyber Crime: New Audit Viewer/Memoryze
Written by Peter Silberman
MANDIANT is going to be at DOD Cyber Crime this year. Jamie and I have both been heads down for many weeks now working on some pretty cool stuff. We are starting to come up for air and what that means for you is updates to Memoryze and Audit Viewer.
Tags: APT, Audit Viewer, DC3, DOD Cyber Crime, malware, Malware Rating Index, MANDIANT, Memoryze, MRI
The changing battlefield in Memory
Written by Peter Silberman
Steve Davis and I gave a talk at Blackhat and at Defcon called Metasploit Autopsy: Reconstructing the scene of the crime. Giving the talk was a blast; both Steve and I were thrilled to be given an opportunity to give a defensive security talk on the Metasploit track.
Tags: blackhat, MANDIANT, Memoryze, metasploit, metasploit forensic framework, meterpreter, msff
MindSniffer, Updated Audit Viewer released
Written by Peter Silberman
I’m currently writing this blog post from my hotel room at Blackhat Federal. Jamie and I wrapped up our “Advanced Memory Forensics in Incident Response” class on Tuesday. It went very well and we are both looking forward to teaching it again in Las Vegas.
Tags: Audit Viewer, blackhat, Memoryze, mindsniffer, peter silberman, Snort My Memory
Memoryze now supports Vista SP1 and F-response
Written by Jamie Butler
Vista
If you ever tried to run Memoryze on Vista, you may have been pleasantly surprised to find it already supported memory acquisition on this platform. It was designed with that in mind from the start, but it was still kind of cool when I tested it and it worked. Now, I am happy to report that Memoryze 1.3.0 has beta support for memory analysis on Vista SP1.
Tags: F-response, Memory analysis, Memoryze, Vista
Memoryze is the 2008 Toolsmith Tool Of the Year
Written by Michael J. Graven
Russ McRee recently wrote that Memoryze is the 2008 Toolsmith Tool of the Year, and how it helped him find the full name of a malware author. He also wrote up a great description of using Memoryze to chase down a password stealing trojan in the February 2009 issue of the ISSA Journal.
Tags: holisticinfosec.org, Intelligent Response, ISSA Journal, Memoryze, Russ McRee, Toolsmith

