Expediting Hunting Workflows with MVISION EDR Historical Search

In this video, we will walk through an example threat hunt using the improved MVISION EDR Historical Search capabilities. Pivoting from an MVISION EDR detection, see how the solution allows for granular searching for an artifact by artifact properties, grouping by properties, and filtering by properties. Trellix is a global company redefining the...

3d

IoT Hardware Hacking Walkthrough: Part 5

The final episode of our Hardware Hacking Walkthrough is here. Follow Senior Security Researcher Sam Quinn through his last steps to achieve remote code execution and persistence in a Foscam R2C camera.

2w

Inside Look @ The Hermit Kingdom

Trellix Labs’ John Fokker and Christiaan Beek discuss everything related to the Hermit Kingdom, including ransomware code visualizations and the money trail.

2w

IoT Hardware Hacking Walkthrough: Part 4

Today on our Foscam R2C camera hacking journey Senior Security Researcher Sam Quinn attempts to make modifications to the flash image and write them back to the device.

3w

IoT Hardware Hacking Walk-Thru: Part 3

Resuming our 5-part series on the Foscam R2C IP camera, we start off by analyzing the flash image dumped in episode #2. We continue to try to find where the encryption password could be stored which is used to decrypt the firmware update file. We begin to decompile interesting binaries using Cutter and IDA Pro. After quite a bit of static analysis we...

3w

A fresh new approach to cybersecurity | Trellix Espresso Cyberbytes

In this episode we introduce you to Trellix, explain XDR, and unpack how this emerging technology provides enhanced threat prevention, detection, and response capabilities. We also explore current challenges in the cybersecurity landscape, our partnership with Mandiant, and provide insights from our latest threat report. Trellix is a global company...

3w

IoT Hardware Hacking Walkthrough: Part 3

Progressing from the previous episodes of our Foscam R2C hacking journey, Senior Security Researcher Sam Quinn attempts to find where the encryption password, used to decrypt the firmware update file, is stored.

4w

Inside Look @ Threat Labs Research Report: April 2022

Trellix Labs’ John Fokker and Christiaan Beek pull back the curtain on our Threat Labs Research Report: April 2022, exploring Living off the Land tools, PipeDream malware, critical infrastructure threats and more.

4w

IoT Hardware Hacking Walk-Thru: Part 2

Continuing our 5-part series on the Foscam R2C IP camera, we attempt to gain access to the Uboot bootloader using a different method to overcome the challenges demonstrated in episode #1 . Once we have gained access to the Uboot bootloader we will change the “init” variable to try to gain root access to the device. After successfully gaining root...

5w

IoT Hardware Hacking Walkthrough: Part 2

Continuing our 5-part series on the Foscam R2C IP camera, we attempt to gain access to the Uboot bootloader using a different method to overcome the challenges demonstrated in episode #1 . Once we have gained access to the Uboot bootloader we will change the “init” variable to try to gain root access to the device. After successfully gaining root...

5w