In this new Revoke-Obfuscation white paper, we provide background on obfuscated PowerShell attacks seen in the wild, defensive mitigation and logging best practices, and more.Read more...
Entries filed under 'Powershell Attacks'
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
April 3, 2017 8:00 AM By Matthew Dunwoody | Threat Research, Advanced Malware
Mandiant has observed APT29 using a stealthy backdoor that we call POSHSPY, which leverages two of the tools the group frequently uses: PowerShell and Windows Management Instrumentation.Read more...
March 9, 2017 8:00 AM By Brandon Arvanaghi | Threat Research, Advanced Malware
October 8, 2014 1:56 AM By Helena Brito
April 21, 2016 1:45 PM By Safwan Khan, Zain Gardezi , Awais Munir | Threat Research, Exploits
FireEye has observed a PowerShell data stealing campaign running through Google Docs, causing users to become unwitting hosts for an infostealer payload.Read more...