FireEye Labs recently identified a previously unobserved version of Ploutus, dubbed Ploutus-D, that interacts with KAL’s Kalignite multivendor ATM platform. The samples we identified target the ATM vendor Diebold.Read more...
Entries filed under 'Advanced Malware'
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
January 9, 2017 11:00 AM By Mohammed Mohsin Dalla | Advanced Malware
FireEye Labs discovered a phishing campaign in the wild that is targeting primarily U.S.-based Netflix users.
FLARE Script Series: Querying Dynamic State using the FireEye Labs Query-Oriented Debugger (flare-qdb)January 4, 2017 9:02 AM By Michael Bailey | Advanced Malware
The latest in the script series from the FireEye Labs Advanced Reverse Engineering (FLARE) steps through a command-line utility and Python module for querying and altering dynamic binary state.
December 15, 2016 8:00 AM By David Pany, Fred House | Advanced Malware
Records enable analysts to identify both executed files and deleted attacker files. Microsoft's System Center Configuration Manager (SSCM) software can record the several forensic artifacts that provide critical information in these files as part of a well-balanced investigation strategy.Read more...
November 30, 2016 11:13 PM By FireEye | Advanced Malware
In mid-November, Mandiant, a FireEye company, responded to the first Shamoon 2.0 incident against an organization located in the Gulf states.Read more...