Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
March 21, 2016 8:30 AM By Robert Venal, Rex Plantado, Ronghwa Chong | Advanced Malware, Threat Research
Cybercriminals continue to innovate, finding creative ways of making threats harder to detect using static signatures. A recent strategy involves two large Dridex campaigns that changed the attachment file type and location to avoid scanners.
March 18, 2016 8:30 AM By Kenneth Johnson, J. Gomez | Exploits, Threat Research
Visitors to a Korean news site are being redirected to the GongDa Exploit Kit, which we believe has its origins in China. The EK can compromise vulnerable endpoints, allowing harmful malware to be installed.
March 15, 2016 8:00 AM By Tony Lee, Charles Carmakal | Threat Research, Vulnerabilities
Our experience shows that attackers are increasingly using Citrix solutions to remotely access victim environments post-compromise, instead of using traditional backdoors, remote access tools, or other types of malware. Mandiant and Citrix teamed up to provide guidance on the most significant risks posed to Citrix XenApp and XenDesktop implementations.
A Growing Number of Android Malware Families Believed to Have a Common Origin: A Study Based on Binary Code
March 11, 2016 5:08 PM By Wu Zhou, Jimmy Su, Junyuan Zeng, Linhai Song | Advanced Malware, Threat Research
A sophisticated malware family has enough code similarities to indicate that it shares a common origin with SlemBunk.