A recently discovered spear phishing campaign is targeting the Mongolian government using customized evasion, fileless execution and decoy documents to infect victims with a RAT known as Poison Ivy.
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
January 11, 2017 8:45 PM By Daniel Regalado | Advanced Malware, Threat Research
FireEye Labs recently identified a previously unobserved version of Ploutus, dubbed Ploutus-D, that interacts with KAL’s Kalignite multivendor ATM platform. The samples we identified target the ATM vendor Diebold.
January 11, 2017 11:00 AM By FireEye iSIGHT Intelligence | Threat Intelligence, Threat Research
FireEye releases a new report, APT28: At the Center of the Storm, that focuses on Russian-sponsored cyber activities, and how we expect the group will continue to operate.
January 9, 2017 11:00 AM By Mohammed Mohsin Dalla | Advanced Malware, Threat Research
FireEye Labs discovered a phishing campaign in the wild that is targeting primarily U.S.-based Netflix users.
FLARE Script Series: Querying Dynamic State using the FireEye Labs Query-Oriented Debugger (flare-qdb)
January 4, 2017 9:02 AM By Michael Bailey | Advanced Malware, Threat Research
The latest in the script series from the FireEye Labs Advanced Reverse Engineering (FLARE) team steps through a command-line utility and Python module for querying and altering dynamic binary state.