A recently discovered spear phishing campaign is targeting the Mongolian government using customized evasion, fileless execution and decoy documents to infect victims with a RAT known as Poison Ivy.Read more...
Entries filed under 'Ankit Anubhav '
Threat Research Blog
FireEye posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. These blog posts cover everything from exploits and vulnerabilities, to advanced malware and targeted attacks.
September 23, 2016 10:30 AM By Ankit Anubhav , Dileep Kumar Jallepalli | Advanced Malware
Hancitor uses several capabilities within malicious macros that support malware installation and data theft. These capabilities include leveraging uncommon APIs and obscuring malicious PowerShell commands, tactics that make it a challenge to detect.
July 18, 2016 8:00 AM By Ankit Anubhav , Raghav Ellur | Advanced Malware
A new feature of the FireEye Endpoint Security platform detected a Cerber ransomware campaign and alerted customers in the field. The campaign distributed a malicious Microsoft Word document that could contact an attacker-congrolled website to download and install the Cerber family of ransomware.
December 14, 2015 4:23 PM By Ankit Anubhav , Raghav Ellur | Advanced Malware
FireEye recently discovered data-stealing campaigns in which nearly all steps of the attack cycle involved simple, yet efficient, PowerShell commands. PowerShell is now often used in attacks and especially when it is in a corporate environment, it should be well regulated and monitored with enhanced logging. Security teams should be aware of how PowerShell can be maliciously used and cultivate expertise investigating PowerShell attacks.Read more...