As we are mere hours away from celebrating 2013, we’d like to
focus today on M-Unition’s Armory channel. The Armory is the place
to be if you want to be the first to find out about the latest
releases, free tools and of course, our ever popular M-Trends
report. The most popular posts in this category are listed below for
your reading pleasure.

This past year we made several product
announcements, but this one was especially rewarding. When you deal
with cybersecurity risks on a daily basis you need tools to help you
see activity in real time. At MIRcon™ 2012, we announced our newest
product offering: Mandiant Cloud Alert™. Mandiant Cloud Alert is a
powerful tool, enabling organizations to identify malicious
communication, audit existing security measures, monitor how the
organization is trending over time, and track incidents in their

Memoryze for the Mac 1.0 brings many of the features of
Memoryze™ to the Apple Macintosh platform. This
new tool enables acquisition of memory images via the command-line
or a simple GUI. In addition, Memoryze for the Mac 1.0 can perform
offline analysis against memory images or live analysis on a running

The freeware tool Shim Cache Parser™ was developed in the
course of our incident response investigations, according to
Mandiant’s Andrew Davis.
During keyword searches of
compromised systems, the Mandiant team discovered known malicious
file names in the Windows Registry. Further research showed the
cache data was generated by the Windows Application Compatibility
Database. Along with these file names, other types of file metadata
can be recovered such as file size, file last modified times, and
last execution time, depending on the operating system version. This
data can be very useful during an incident response. It helps
identify which systems an attacker may have executed malware on and
can also provide information about the time that it may have

Shim Cache Parser is the proof-of-concept tool we
developed to extract this useful forensic evidence. You can download

Mandiant’s Sean Cunningham and Mark Thomas discuss
the availability of a highly efficient reverse HTTP(S) proxy called
simply ‘RProxy™’. Mandiant released RProxy as an open source tool
to encourage the general community to participate in its evolution.
You can download the tool here.

Each year Mandiant takes a look back at
engagements we’ve responded to and puts together trends that help
you fight back against targeted threats. On March 6th, we released
our latest M-Trends report, An Evolving Threat, which revealed key
insights, statistics and case studies illustrating how the tools and
tactics of targeted attackers, including the Advanced Persistent
Threat (APT), have evolved over the last year. We’re currently
working on the 2013 edition of M-Trends and plan to release it at RSA