FakeNet-NG is a powerful and highly configurable tool that can be used to perform more advanced tasks such as process and traffic filtering, aiding in automatic malware unpacking, security assessment of thick-client applications and many others.
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
July 27, 2016 10:00 AM By Evan Pena, Chris King, Christopher Truncer | Threat Research, Vulnerabilities
The FireEye Red Team creates and modifies tools as a need is identified. Some tools introduce new techniques to accomplish a goal, while others simply automate existing tools and techniques to scale better. This blog discusses some new tools we've developed or significantly contributed to that make our lives easier, and offers some case studies to demonstrate them.
July 19, 2016 4:45 PM By Gaurav Dalal, Lance Ward, Mary Grace Timcang, Rundong Liu | Exploits, Threat Research
Detecting phishing website campaigns that appear to be legitimate sites can be tricky, particularly when the attacker leverages some evasion techniques. Users may be redirected to phishing pages after clicking on a malicious link. Using our email MPS platform, FireEye has identified a recent campaign that is primarily targeting Amazon customers in the U.S., Canada and Europe.
July 18, 2016 8:00 AM By Ankit Anubhav, Raghav Ellur | Advanced Malware, Threat Research
A new feature of the FireEye Endpoint Security platform detected a Cerber ransomware campaign and alerted customers in the field. The campaign distributed a malicious Microsoft Word document that could contact an attacker-controlled website to download and install the Cerber family of ransomware.
July 14, 2016 4:37 PM By Kenneth Johnson, Dan Caselden, Sai Omkar Vashisht, Yasir Khalid | Exploits, Threat Research
The Neutrino EK adopted an open-source exploit and now uses it to embed multiple exploits into a SWF file.