Extracting Actionable Cyber Intelligence from a RAT Named Poison Ivyby Darien Kindlund, Tom Bennett, Ned Moran and Nart Villeneuve

Poison Ivy is older than the iPhone, Windows Vista, the Nintendo Wii, and Twitter, yet it remains one of the most popular Remote Access Trojans (RATs) in use today.

RATs like Poison Ivy make it possible for intruders to do virtually anything on a targeted computer, making it the perfect launchpad for sophisticated APT campaigns. But now there is a way to use data from the RAT to extract intelligence from networks compromised by Poison Ivy.

Join the FireEye Labs research team for a live briefing on a new FireEye research report and tool package that will enable security professionals to dissect attacks initiated by Poison Ivy.

Key topics include:

  • How a typical Poison Ivy attack works, including insight into three ongoing cyber attack campaigns using Poison Ivy
  • How to use a new FireEye Calamine tool package that will enable you to decrypt Poison Ivy network traffic
  • How you can use this cyber intelligence to link Poison Ivy-driven activities to broader APT campaigns

Join this live webcast, and learn how you can arm yourself with the cyber intelligence you need in order to effectively respond to APT campaigns leveraging Poison Ivy.

Published 31 March 2015