Latest FireEye Podcast Episodes

The Defender's Advantage Podcast

State of the Hack - March 30, 2022 20:00 - 1 minute ★★★★★ - 28 ratings
If you are here looking for State of the Hack, we invite you to visit the feed of Mandiant’s new podcast, The Defender’s Advantage Podcast: https://www.buzzsprout.com/1762840 The new show launches this week with the same great content you've come to expect from us and even more. Host Luke McN...

S4E07: IIV Drippin: Overcoming Your Zero Day Hangover

State of the Hack - May 20, 2021 18:00 - 35 minutes ★★★★★ - 28 ratings
Zero Days got you down? There sure have been a lot of high-impact zero days hitting edge appliances in 2021, including Microsoft Exchange, Pulse Secure, and SonicWall. In this episode, we're joined by Josh Fleischer, the Managed Defense investigator who uncovered three zero days in SonicWall Email S...

S4E06: Extortion, Ransoms & the Wonderful Life of Red Teams

State of the Hack - March 19, 2021 14:58 - 37 minutes ★★★★★ - 28 ratings
In today's threat landscape, data theft and extortion go hand in hand with ransomware. In this episode of State of the Hack, we'll talk about how data theft plays a role in modern day ransomware incidents, how attackers carry out data theft, and how we simulate data theft during our Red Team ass...

S4E05: The Wonderful World of Web Shells

State of the Hack - February 18, 2021 18:23 - 32 minutes ★★★★★ - 28 ratings
An oft-undiscussed tactic, web shells are a popular way for threat actors of all flavors to gain initial footholds, move laterally, and maintain persistence in a stealthy manner. Austin and Doug discuss a popular exploit that has been observed in the wild leading to web shells and what infosec p...

S4E04: Apex Predators: Inside OpSec Strategy

State of the Hack - January 21, 2021 20:54 - 35 minutes ★★★★★ - 28 ratings
This episode discusses the idea of operational security ("OPSEC") from an attacker's perspective. OPSEC relates to how an attacker or red team might try to make their activities stealthier to avoid detection. During this episode, Evan Pena and Julian Pileggi talk about the various ways the Mandi...

S4E03: Azure Got Run Over by a Refresh Token

State of the Hack - December 18, 2020 14:32 - 40 minutes ★★★★★ - 28 ratings
Join us for our holiday episode as we search for silver bells and silver linings in our move to The Cloud! The cast sits down with Dirk-Jan Mollema to talk Azure AD and Primary Refresh Tokens; and what savvy defenders can do to secure their own cloud credentials.

S4E02: Weaponizing Office Documents with VBA Purging

State of the Hack - November 19, 2020 20:35 - 56 minutes ★★★★★ - 28 ratings
Malicious Office documents whose module streams contain source code but no P-code are more likely to evade YARA rules and AV detection. This evasion technique is called VBA purging, which is different from the observed VBA stomping technique. In this episode we will discuss what VBA purging is,...

S4E01: KEGTAP-ing Out: Don't be a One Trickbot Pony

State of the Hack - October 29, 2020 19:22 - 49 minutes ★★★★★ - 28 ratings
State of the Hack is back! Featuring new hosts Doug Bienstock (@doughsec), Austin Baker (@bakedsec), Julian Pileggi (@x64_Julian), and Evan Pena (@evan_pena2003) and new content. Doug and Austin kick things off and dive into a recent flood of phishing campaigns associated with KEGTAP aka BazaaLo...

S3E2: Hacking Tracking Pix & Macro Stomping Tricks

State of the Hack - February 10, 2020 18:00 - 42 minutes ★★★★★ - 28 ratings
On today's show, Nick Carr and Christopher Glyer break down the anatomy of a really cool pre-attack technique - tracking pixels - and how it can inform more restrictive & evasive payloads in the next stage of an intrusion. We're joined by Rick Cole (@a_tweeter_user) to explore one such evasive m...

S3E1: Spotlight Iran - from Cain & Abel to full SANDSPY

State of the Hack - January 17, 2020 18:00 - 53 minutes ★★★★★ - 28 ratings
In response to increased U.S.-Iran tensions stemming from the recent death of Quds Force leader Qasem Soleimani by U.S. forces and concerns of potential retaliatory cyber attacks, we're bringing the latest from our front-line experts on all things Iran. Christopher Glyer and Nick Carr are joined...

S2E13: Rudolph the Redsourced Reindeer

State of the Hack - December 11, 2019 14:10 - 37 minutes ★★★★★ - 28 ratings
Ho ho homepage! Christopher Glyer and Nick Carr are back for the last episode of 2019. They’re closing the year with a look at this month’s front-line espionage activity and a whole bunch of FIN intrusions! In addition to the threat round-up, they highlight some of our Mandiant consultants doing...

S2E12: Shellcode. DLLy DLLy!

State of the Hack - October 17, 2019 14:43 - 20 minutes ★★★★★ - 28 ratings
Christopher Glyer and Nick Carr are back with an extremely offensive episode with red teamers Evan Pena (@evan_pena2003) and Casey Erikson (@EriksocSecurity). They get right into why they use shellcode (any piece of self-contained executable code) and some of the latest shellcode execution & inj...

S2E11: Between Two Steves

State of the Hack - October 11, 2019 15:48 - 26 minutes ★★★★★ - 28 ratings
Christopher Glyer and Nick Carr sit down with the top two Steves from Advanced Practices: Steve Stone (@stonepwn3000) and Steve Miller (@stvemillertime) to talk about the front-line technical stories and research presented at the 2019 #FireEyeSummit. With team members embedded on every investig...

S2E10: from MATH import CYBERZ*

State of the Hack - October 03, 2019 14:08 - 42 minutes ★★★★★ - 28 ratings
Christopher Glyer and Nick Carr interview Matt Berninger (@secbern) about his journey from Incident Responder to Data Scientist and how that has shaped his perspective on ML applications and issues in the industry today. This discussion provides a brief overview of Data Science fundamentals and...

S2E09: DerbyCon Edition with Dave Kennedy

State of the Hack - September 18, 2019 05:00 - 19 minutes ★★★★★ - 28 ratings
Christopher Glyer and Nick Carr interview Dave Kennedy (@HackingDave) on his experience running DerbyCon over the years, what conferences he plans to attend next, and future plans to build and support DerbyCon Communities (DerbyCom). Red teaming in the last few years has started to get harder du...

S2E08: DerbyCon Edition with Nate Warfield

State of the Hack - September 16, 2019 15:01 - 25 minutes ★★★★★ - 28 ratings
Christopher Glyer and Nick Carr interview Nate Warfield (@n0x08) on his experience working at Microsoft's Security Response Center (MSRC). They discuss how Nate's team manages the vulnerability reporting and fix/remediation process across Microsoft's range of products/services. And debated what ...

S2E07: DerbyCon Edition w/ Carlos Perez & Benjamin Delpy

State of the Hack - September 12, 2019 13:14 - 30 minutes ★★★★★ - 28 ratings
In this episode, Christopher Glyer and Nick Carr interview the Darkoperator (@Carlos_Perez) and Benjamin Delpy (@gentilkiwi) on all things related to Mimikatz and Kekeo. They discuss Carlos' new class on Mimikatz, the background on why he started it, how red teamers can use the features in uniqu...

S2E06: APT41 - Double Dragon: The Spy Who Fragged Me

State of the Hack - August 14, 2019 17:46 - 31 minutes ★★★★★ - 28 ratings
This is our APT group graduation party for APT41: Double Dragon, conducting both Chinese state-sponsored espionage activity and personal financially-motivated activity. You've read the report* and on this episode, Christopher Glyer and Nick Carr go behind-the-scenes with two technical experts, J...

SotH Convos: Finding Evil in Windows 10 Compressed Memory

State of the Hack - August 07, 2019 14:35 - 17 minutes ★★★★★ - 28 ratings
We are kicking off a new segment on State of the Hack - an audio-only deep dive discussion with authors from popular technical blogs. On this episode, Christopher Glyer and Nick Carr spoke with FireEye's Blaine Stancill (@MalwareMechanic) and Omar Sardar (@osardar1) on their recent blog post, "F...

S2E05: Your Payment Cards Are Our Business Cards

State of the Hack - July 25, 2019 17:32 - 31 minutes ★★★★★ - 28 ratings
We interviewed one of our most tenured analysts Barry Vengerik (@barryv) on a range of viewer requested topics including: FIN7 retrospective, recent surge of Iranian threat activity, APT34 targeting organizations via LinkedIn messaging, FSB contractor leaks, APT36 USB drop attacks and some tails...

S2E04: Ransom Acts of Flyness

State of the Hack - June 04, 2019 10:47 - 44 minutes ★★★★★ - 28 ratings
Christopher and Nick kicked off the latest episode with recent updates to the MITRE ATT&CK framework, including several techniques that they submitted. During the episode they discuss Outlook add-in persistence, renamed binaries, and the high-level increase in execution guardrails observed - all...

S2E03: Behind the ATM Heist & Other Red Team Stories

State of the Hack - April 16, 2019 17:21 - 45 minutes ★★★★★ - 28 ratings
On this episode, we got right into a bunch of new in-the-wild activity! We discussed FIN6's shift to deploying enterprise ransomware, including their recent LOCKERGOGA campaigns. The recent DAYJOB/ShadowHammer supply chain compromises prompted some discussion around this trend and several huntin...

S2E02: Trending 10 Years of Breach Response (RSAC #SendUsSwag)

State of the Hack - March 12, 2019 15:51 - 30 minutes ★★★★★ - 28 ratings
In this latest episode, we featured FireEye Principal Threat Analyst and M-Trends contributor Regina Elwell to take us on a deep dive into our annual M-Trends report. We discussed how key metrics from our incident response investigations changed including dwell times, source of notification, and...

S2E01: #NoEasyBreach REVISITED

State of the Hack - January 31, 2019 19:46 - 47 minutes ★★★★★ - 28 ratings
We're back for season 2 and discussed reports of destructive/disruptive attacks by APT33 and DNS hijacking. We also spoke with Matthew Dunwoody and Alex Orleans about one of our favorite topics: APT29.

S1E09: Holiday APT Spectacular

State of the Hack - December 11, 2018 13:22 - 36 minutes ★★★★★ - 28 ratings
In their final episode of 2018, Christopher Glyer and Nick Carr brought the holiday cheer by providing a wrap-up on interesting targeted attacker activity from the past 90 days, including CNIIHM links to TRITON ICS attacks, a suspected APT29 spearphishing campaign, and several recent DOJ indictments. ...

S1E08: Facing Forward: Cyber Security in 2019 and Beyond

State of the Hack - November 14, 2018 22:19 - 36 minutes ★★★★★ - 28 ratings
In this episode, Christopher Glyer and Nick Carr spoke with Steven Booth, Chief Security Officer at FireEye, to discuss what’s to come in 2019, including attackers and nations attempting to emulate other threat groups, increased leveraging of legitimate services for command and control, machine ...

S1E07.3: Special Edition: FLARE vs. Carbanak

State of the Hack - October 15, 2018 18:03 - 22 minutes ★★★★★ - 28 ratings
In this segment, we sit down with two Staff Reverse Engineers on the FLARE team, Michael Bailey (@mykill) and James “Tom” Bennett (@jtbennettjr), who were at CDS this year to discuss the results of nearly 500 total hours of analysis of the Carbanak source code we acquired. This included 100,000 ...

S1E07.2: Special Edition: Upgrading to APT38

State of the Hack - October 15, 2018 17:53 - 17 minutes ★★★★★ - 28 ratings
FireEye recently released details on a particularly aggressive threat group that we believe is responsible for conducting financial crime on behalf of the North Korean regime, stealing millions of dollars from banks worldwide. We refer to this group as APT38. In this segment, we welcome two core...

S1E07.1: Special Edition: Understanding the GRU Indictments

State of the Hack - October 15, 2018 17:50 - 13 minutes ★★★★★ - 28 ratings
We had the chance to pick the brains of John Hultquist (@JohnHultquist), Director of Threat Intelligence, and Ben Read (@bread08), Senior Manager of Cyber-espionage Analysis. John and Ben provide a lot of media color and discuss geopolitical ramifications of complex technical reports by translat...

S1E07: Iranian Influence Operation

State of the Hack - August 27, 2018 14:23 - 15 minutes ★★★★★ - 28 ratings
Christopher Glyer and Nick Carr spoke with FireEye Intel Analyst Lee Foster on how FireEye identified a suspected influence operation that appears to originate from Iran aimed at audiences in the U.S., U.K., Latin America, and the Middle East. During their conversation they spoke about how the...
