A recently discovered spear phishing campaign is targeting the Mongolian government using customized evasion, fileless execution and decoy documents to infect victims with a RAT known as Poison Ivy.
Entries filed under 'Ankit Anubhav'
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
September 23, 2016 10:30 AM By Ankit Anubhav, Dileep Kumar Jallepalli | Threat Research, Advanced Malware
Hancitor uses several capabilities within malicious macros that support malware installation and data theft. These capabilities include leveraging uncommon APIs and obscuring malicious PowerShell commands, tactics that make it a challenge to detect.
July 18, 2016 8:00 AM By Ankit Anubhav, Raghav Ellur | Advanced Malware, Threat Research
A new feature of the FireEye Endpoint Security platform detected a Cerber ransomware campaign and alerted customers in the field. The campaign distributed a malicious Microsoft Word document that could contact an attacker-controlled website to download and install the Cerber family of ransomware.
December 14, 2015 4:23 PM By Ankit Anubhav, Raghav Ellur | Threat Research, Advanced Malware
FireEye recently discovered data-stealing campaigns in which nearly all steps of the attack cycle involved simple, yet efficient, PowerShell commands. PowerShell is now often used in attacks, and especially in a corporate environment it should be well regulated and monitored with enhanced logging. Security teams should be aware of how PowerShell can be used maliciously and cultivate expertise in investigating PowerShell attacks.