Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.

Obfuscation in the Wild: Targeted Attackers Lead the Way in Evasion Techniques
June 30, 2017 7:00 PM By Daniel Bohannon, Nick Carr
Throughout 2017 we have observed a marked increase in the use of command line evasion and obfuscation by a range of targeted attackers.

Back That App Up: Gaining Root on the Lenovo Vibe
June 29, 2017 12:30 PM By Jake Valletta
In May of 2016, Mandiant’s Red Team discovered a series of vulnerabilities present on Lenovo’s Vibe P1 Android-based mobile device that allow local privilege escalation to the user “root”.

Petya Destructive Malware Variant Spreading via Stolen Credentials and EternalBlue Exploit
June 27, 2017 5:30 PM By John Miller, Nick Carr, Matt Allen, Christopher Glyer, Ian Ahl
On June 27, 2017, multiple organizations – many in Europe – reported significant disruptions they are attributing to a variant of the Petya ransomware, which we are calling “EternalPetya”.

Remote Symbol Resolution
June 21, 2017 8:00 AM By David Zimmer
After introducing a couple of common techniques that malware uses to obscure its access to the Windows API, we present an open source tool we developed that can be used to resolve addresses from a process running in a virtual machine by an IDA script.

FIN10: Anatomy of a Cyber Extortion Operation
June 16, 2017 8:00 AM By David Mainor, Nick Richard, Charles Prevost, Charles Carmakal
FireEye has identified a set of financially motivated intrusion operations being carried out by an actor we have dubbed FIN10.