An earlier phishing campaign - Zycode - that targeted Apple users in China is active again. The threat actors appear to be looking for Apple IDs and passwords.
Entries filed under 'Dr. Farrukh Shahzad'
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
Rotten Apples: Resurgence
October 20, 2016 8:00 AM By Dr. Fahim Abbasi, Abdul Salam, Dr. Farrukh Shahzad, Safwan Khan

Increased Use of WMI for Environment Detection and Evasion
October 7, 2016 8:00 AM By Muhammad Hasib Latif, Dr. Farrukh Shahzad | Threat Intelligence, Advanced Malware
Malware writers are always looking for new ways to evade analysis frameworks and sandboxes to successfully breach targeted environments and platforms. WMI provides a simple way of environment detection to evade sandboxes and dynamic analysis tools, which seems to be underestimated by the security community. This blog looks at evasion samples.

Resurrection of the Evil Miner
June 20, 2016 8:00 AM By Dr. Fahim Abbasi, Umair Ali Zafar, Muhammad Hasib Latif, Dr. Farrukh Shahzad, Safwan Khan | Advanced Malware
We recently detected the resurgence of a coin mining campaign with a novel and unconventional infection vector in the form of an iFRAME embedded in a PE binary.

Rotten Apples: Apple-like Malicious Phishing Domains
June 7, 2016 8:00 AM By Dr. Fahim Abbasi, Abdul Salam, Dr. Farrukh Shahzad, Safwan Khan | Vulnerabilities
Some phishing domains, registered in the first quarter of 2016, were designed to appear as legitimate Apple domains and were involved in phishing attacks against Apple iCloud users in China and the UK.