Our latest report, Overload: Critical Lessons from 15 Years of ICS Vulnerabilities, highlights trends in total ICS vulnerability disclosures, patch availability, vulnerable device type and vulnerabilities exploited in the wild.
Entries filed under 'Threat Research'
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
July 27, 2016 10:00 AM By Evan Pena, Chris King, Christopher Truncer | Vulnerabilities, Threat Research
The FireEye Red Team creates and modifies tools as a need is identified. Some tools introduce new techniques to accomplish a goal, while others simply automate existing tools and techniques to scale better. This blog discusses some new tools we've developed or significantly contributed to that make our lives easier, and offers some case studies to demonstrate them.
July 19, 2016 4:45 PM By Gaurav Dalal, Rundong Liu, Mary Grace Timcang, Lance Ward | Threat Research, Exploits
Detecting phishing website campaigns that appear to be legitimate sites can be tricky, particularly when the attacker leverages some evasion techniques. Users may be redirected to phishing pages after clicking on a malicious link. Using our email MPS platform, FireEye has identified a recent campaign that is primarily targeting Amazon customers in the U.S., Canada and Europe.
July 18, 2016 8:00 AM By Ankit Anubhav, Raghav Ellur | Advanced Malware, Threat Research
A new feature of the FireEye Endpoint Security platform detected a Cerber ransomware campaign and alerted customers in the field. The campaign distributed a malicious Microsoft Word document that could contact an attacker-controlled website to download and install the Cerber family of ransomware.
July 14, 2016 4:37 PM By Kenneth Johnson, Yasir Khalid, Dan Caselden, Sai Omkar Vashisht | Exploits, Threat Research
The Neutrino EK adopted an open-source exploit and now uses it to embed multiple exploits into a SWF file.