FireEye recently discovered data-stealing campaigns in which nearly all steps of the attack cycle involved simple, yet efficient, PowerShell commands. PowerShell is now often used in attacks and especially when it is in a corporate environment, it should be well regulated and monitored with enhanced logging. Security teams should be aware of how PowerShell can be maliciously used and cultivate expertise investigating PowerShell attacks.Read more...
Entries filed under 'Powershell Attacks'
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
January 12, 2015 6:11 PM By Jennifer Bielski
2014 brought about a multitude of high-profile breaches, critical vulnerabilities, and newly-discovered threat groups. Has this exposure and awareness changed the way companies are approaching security, incident detection, and containment and response? How will targeted attacks continue to evolve? I sat down with Ryan Kazanciyan, Technical Director at Mandiant, to learn more about what we can expect in 2015.Read more...
October 8, 2014 1:56 AM By Helena Brito