
Fidelis Threat Advisory

Fidelis’ Threat Research team issues Fidelis Threat Advisory (FTA) documents in response to current security issues posing risks to enterprises everywhere.

Each Fidelis Threat Advisory (FTA) features an overview of the threat (e.g. timeline, threat vector(s), person(s) involved, malware behavior, and propagation techniques), risk assessment, and indicators and mitigation strategies.

  FTA 1008 - Darkseoul/Jokra - Similar to the Shamoon malware, Darkseoul/Jokra is a cyber-attack that infiltrated the South Korean broadcast and banking infrastructure and wiped out more than 35,000 systems.

  FTA 1007 - Shamoon - Amid the recent spate of nation-state-sponsored malware, Shamoon is another entry in this class, one that adds a destructive component to its targeted attack.

  FTA 1006 - DNS - There are a variety of techniques attackers can use to exploit DNS, but the presence of any of them indicates that an initial compromise has already occurred.

  FTA 1005 - Reverse Tunnels - The two primary threats associated with reverse tunneling are network security policy violations and the potentially more serious threat of remote control of internal systems by a malicious outsider.

  FTA 1004 - User-Agent Strings - As the use of the UA string requires no protocol malformations and as there is no formal standard for the content or format of a UA string, its use as a C&C channel is difficult to detect and thus bypasses most security devices.

  FTA 1003 - SSL Challenges - Advanced, purpose-driven adversaries utilized fraudulent SSL certificates to attack prominent websites, calling into question the authenticity of SSL.

  FTA 1002 - IPv6 - While IPv6 poses no threat itself, without the proper controls it is a conduit for concealed threat activity on your network. IPv6 and associated tunneling protocols employed on IPv4 networks can be used to bypass firewalls and IPS devices that are not IPv6- and IP-tunnel-aware.

  FTA 1001 - The RSA Hack - An examination of the three-stage RSA attack (spear phishing, Poison Ivy reverse tunnel, and compromise of the SecurID system) and a discussion of Adobe Flash patch challenges.

 


