FireEye Labs recently identified a previously unobserved version of Ploutus, dubbed Ploutus-D, that interacts with KAL’s Kalignite multivendor ATM platform. The samples we identified target the ATM vendor Diebold.Read more...
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
January 11, 2017 11:00 AM By FireEye iSIGHT Intelligence | Threat Intelligence
FireEye releases a new report, APT28: At the Center of the Storm, that focuses on Russian-sponsored cyber activities, and how we expect the group will continue to operate.Read more...
January 9, 2017 11:00 AM By Mohammed Mohsin Dalla | Advanced Malware
FireEye Labs discovered a phishing campaign in the wild that is targeting primarily U.S.-based Netflix users.
FLARE Script Series: Querying Dynamic State using the FireEye Labs Query-Oriented Debugger (flare-qdb)January 4, 2017 9:02 AM By Michael Bailey | Advanced Malware
The latest in the script series from the FireEye Labs Advanced Reverse Engineering (FLARE) steps through a command-line utility and Python module for querying and altering dynamic binary state.
December 15, 2016 8:00 AM By David Pany, Fred House | Advanced Malware
Records enable analysts to identify both executed files and deleted attacker files. Microsoft's System Center Configuration Manager (SSCM) software can record the several forensic artifacts that provide critical information in these files as part of a well-balanced investigation strategy.Read more...