Our experience shows that attackers are increasingly using Citrix solutions to remotely access victim environments post-compromise, instead of using traditional backdoors, remote access tools, or other types of malware. Mandiant and Citrix teamed up to provide guidance on the most significant risks posed to Citrix XenApp and XenDesktop implementations.
Threat Research Blog
The FireEye Labs team posts blog entries under threat research to present and discuss cyber attacks and threat intelligence from a technical perspective. They cover the full spectrum of exploits and vulnerabilities, including advanced malware and targeted threats.
A Growing Number of Android Malware Families Believed to Have a Common Origin: A Study Based on Binary Code
March 11, 2016 5:08 PM By Wu Zhou, Jimmy Su, Junyuan Zeng, Linhai Song | Advanced Malware, Threat Research
A sophisticated malware family has enough code similarities to indicate that it shares a common origin with SlemBunk.
March 9, 2016 11:00 AM By Michael Bailey | Exploits, Threat Research
As defensive security controls raise the bar to attack, attackers will employ increasingly sophisticated techniques to complete their mission. Understanding the mechanics and impact of these threats is essential to systematically discover and deflect the coming wave of advanced attacks.
March 8, 2016 8:00 AM By Brian Jones | Exploits, Threat Research
February 23, 2016 8:00 AM By Abdulellah Alsaheel, Raghav Pande | Advanced Malware, Threat Research
Microsoft's Enhanced Mitigation Experience Toolkit, EMET, adds security mitigations beyond what's built into the operating system, but attackers are sometimes able to bypass it. We discuss how in this blog.