FireEye recently discovered data-stealing campaigns in which nearly all steps of the attack cycle involved simple, yet efficient, PowerShell commands. PowerShell is now often used in attacks and especially when it is in a corporate environment, it should be well regulated and monitored with enhanced logging. Security teams should be aware of how PowerShell can be maliciously used and cultivate expertise investigating PowerShell attacks.Read more...
Entries filed under 'Advanced Malware'
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
December 7, 2015 8:00 AM By Dimiter Andonov, Willi Ballenthin, Nalani Fraser, Will Matson, Jay Taylor | Advanced Malware
A threat group is targeting payment card data using sophisticated malware that can continue operating even after the operating system has been reinstalled.
November 16, 2015 8:00 AM By Jay Smith | Advanced Malware
October 27, 2015 3:00 PM By Fred House, Andrew Davis, Claudiu Teodorescu | Advanced Malware