Cybercriminals continue to innovate, finding creative ways of making threats harder to detect using static signatures. A recent strategy involves two large Dridex campaigns that changed the attachment file type and location to avoid scanners.Read more...
Entries filed under 'Malware'
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
- A new version of CenterPOS, known in the cybercrime underground as Cerebrus, has been discovered. This new version now contains additional command options, as well as a configuration file that holds the command and control data and the encryption key.
March 18, 2016 8:30 AM By Kenneth Johnson , J. Gomez | Exploits
Visitors to a Korean news site are being redirected to the GongDa Exploit Kit, which we believe has its origins in China. The EK can compromise vulnerable endpoints, allowing harmful malware to be installed.
January 28, 2016 8:00 AM By FireEye Threat Intelligence | Advanced Malware
December 7, 2015 8:00 AM By Dimiter Andonov, Willi Ballenthin, Nalani Fraser, Will Matson, Jay Taylor | Advanced Malware
A threat group is targeting payment card data using sophisticated malware that can continue operating even after the operating system has been reinstalled.
China-based Cyber Threat Group Uses Dropbox for Malware Communications and Targets Hong Kong Media OutletsDecember 1, 2015 8:00 AM By FireEye Threat Intelligence | Threat Intelligence
A spear-phishing campaign that targets Hong Kong-based media organizations is using Dropbox for its malware communications.