Lucene search
+L
FireeyeRecent

545 matches found

FireEye
FireEye
added 2016/01/12 2:49 p.m.181 views

End of Life for Internet Explorer 8, 9 and 10

Microsoft has started the year with an announcement that, effective Jan. 12, 2016, support for all older versions of Internet Explorer IE will come to an end known as an EoL, or End of Life. The affected versions are Internet Explorer 7, 8, 9, and 10. What this means for users is that Microsoft...

10CVSS8.6AI score0.88013EPSS
Exploits27
FireEye
FireEye
added 2016/01/07 8:56 p.m.231 views

Sandworm Team and the Ukrainian Power Authority Attacks

Update 1.11.16 - SANS ICS Team Connects Dots Updating the blog entry to bring attention to the recent analysis published by Mike Assante from the SANS ICS team. "After analyzing the information that has been made available by affected power companies, researchers, and the media it is clear that...

9.3CVSS7.9AI score0.81628EPSS
Exploits22
FireEye
FireEye
added 2016/01/07 8:56 p.m.194 views

Sandworm Team and the Ukrainian Power Authority Attacks

Update 1.11.16 - SANS ICS Team Connects Dots Updating the blog entry to bring attention to the recent analysis published by Mike Assante from the SANS ICS team. "After analyzing the information that has been made available by affected power companies, researchers, and the media it is clear that...

9.3CVSS7.9AI score0.81628EPSS
Exploits22
FireEye
FireEye
added 2015/12/28 9:1 a.m.46 views

FLARE Script Series: Automating Obfuscated String Decoding

Introduction We are expanding our script series beyond IDA Pro. This post extends the FireEye Labs Advanced Reverse Engineering FLARE script series to an invaluable tool for the reverse engineer – the debugger. Just like IDA Pro, debuggers have scripting interfaces. For example, OllyDbg uses an...

6.5AI score
Exploits0
FireEye
FireEye
added 2015/12/20 7:45 p.m.289 views

The EPS Awakens - Part 2

On Wednesday, Dec. 16, 2015, FireEye published The EPS Awakens, detailing an exploit targeting a previously unknown Microsoft Encapsulated Postscript EPS dict copy use-after-free vulnerability that was silently patched by Microsoft on November 10, 2015. The blog described the technical details of...

7.2CVSS8.3AI score0.562EPSS
Exploits38
FireEye
FireEye
added 2015/12/17 5:53 p.m.17 views

SlemBunk: An Evolving Android Trojan Family Targeting Users of Worldwide Banking Apps

FireEye mobile researchers recently identified a series of Android trojan apps that are designed to imitate the legitimate apps of 33 financial management institutions and service providers across the globe. We dub the family “SlemBunk,” and have seen it covering three major continents: North...

0.7AI score
Exploits0
FireEye
FireEye
added 2015/12/16 8:0 a.m.508 views

The EPS Awakens

On September 8, FireEye published details about an attack exploiting zero day vulnerabilities in Microsoft Office CVE-2015-2545 and Windows CVE-2015-2546. The attack was particularly notable because it leveraged PostScript to drive memory corruption in a way that had never been seen before. The...

9.3CVSS8.4AI score0.86053EPSS
Exploits40
FireEye
FireEye
added 2015/12/14 4:23 p.m.31 views

Uncovering Active PowerShell Data Stealing Campaigns

Loved by administrators, Windows PowerShell enables users to effectively perform automation and administrative tasks on local and remote systems. However, its power, ease of use, and widespread use has also made it attractive to attackers. Researchers first began demonstrating attacks involving...

0.4AI score
Exploits0
FireEye
FireEye
added 2015/12/11 6:53 a.m.33 views

LATENTBOT: Trace Me If You Can

FireEye Labs recently uncovered LATENTBOT, a new, highly obfuscated BOT that has been in the wild since mid-2013. It has managed to leave hardly any traces on the Internet, is capable of watching its victims without ever being noticed, and can even corrupt a hard disk, thus making a PC useless...

Exploits0
FireEye
FireEye
added 2015/12/11 6:53 a.m.343 views

LATENTBOT: Trace Me If You Can

FireEye Labs recently uncovered LATENTBOT, a new, highly obfuscated BOT that has been in the wild since mid-2013. It has managed to leave hardly any traces on the Internet, is capable of watching its victims without ever being noticed, and can even corrupt a hard disk, thus making a PC useless...

Exploits0
FireEye
FireEye
added 2015/12/09 12:0 p.m.152 views

Cybercrime News Results In Cybercrime Blues

INTRODUCTION FireEye Labs recently spotted a 2011 article on cybercrime from the news site theguardian.com that redirects users to the Angler Exploit Kit. Successful exploitation by Angler resulted in a malware infection for readers of the article. A spokesperson for the guardian.com responded th...

10CVSS0.1AI score0.94996EPSS
Exploits45
FireEye
FireEye
added 2015/12/07 8:0 a.m.26 views

Thriving Beyond The Operating System: Financial Threat Group Targets Volume Boot Record

In September, Mandiant Consulting identified a financially motivated threat group targeting payment card data using sophisticated malware that executes before the operating system boots. This rarely seen technique, referred to as a ‘bootkit’, infects lower-level system components making it very...

0.3AI score
Exploits0
FireEye
FireEye
added 2015/12/01 8:0 a.m.830 views

China-based Cyber Threat Group Uses Dropbox for Malware Communications and Targets Hong Kong Media Outlets

FireEye Threat Intelligence analysts identified a spear phishing campaign carried out in August 2015 targeting Hong Kong-based media organizations. A China-based cyber threat group, which FireEye tracks as an uncategorized advanced persistent threat APT group and other researchers refer to as...

9.3CVSS0.3AI score0.99966EPSS
Exploits12
FireEye
FireEye
added 2015/12/01 8:0 a.m.396 views

China-based Cyber Threat Group Uses Dropbox for Malware Communications and Targets Hong Kong Media Outlets

FireEye Threat Intelligence analysts identified a spear phishing campaign carried out in August 2015 targeting Hong Kong-based media organizations. A China-based cyber threat group, which FireEye tracks as an uncategorized advanced persistent threat APT group and other researchers refer to as...

9.3CVSS0.3AI score0.99966EPSS
Exploits12
FireEye
FireEye
added 2015/11/24 12:1 a.m.17 views

ModPOS: Highly-Sophisticated, Stealthy Malware Targeting US POS Systems with High Likelihood of Broader Campaigns

Today, iSIGHT Partners is sharing details about a highly sophisticated criminal malware framework that has been used to target point-of-sale POS systems at US-based retailers. We believe this very hard to detect malware is likely being used in broader campaigns and are disclosing details to help...

Exploits0
FireEye
FireEye
added 2015/11/16 1:0 p.m.28 views

Pinpointing Targets: Exploiting Web Analytics to Ensnare Victims

Over the past year, FireEye Threat Intelligence has identified suspected nation-state sponsored cyber-actors engaged in a large-scale reconnaissance effort. This effort makes use of web analytics—the technologies to collect, analyze, and report data The individuals behind this activity have amass...

0.3AI score
Exploits0
FireEye
FireEye
added 2015/11/16 8:0 a.m.18 views

FLARE IDA Pro Script Series: Automating Function Argument Extraction

...

3.2AI score
Exploits0
FireEye
FireEye
added 2015/11/13 1:32 p.m.473 views

Top-ranked Advertising Network Leads to Exploit Kit

Threat Overview The online advertisements that people see across a wide range of popular and lesser-known websites can lead to malware infections and other forms of compromise, sometimes without any user interaction whatsoever and without any indicators there is an issue. This emerging threat is...

10CVSS9.7AI score0.99344EPSS
Exploits6
FireEye
FireEye
added 2015/11/04 1:0 p.m.20 views

iBackDoor: High-Risk Code Hits iOS Apps

Introduction FireEye mobile researchers recently discovered potentially “backdoored” versions of an ad library embedded in thousands of iOS apps originally published in the Apple App Store. The affected versions of this library embedded functionality in iOS apps that used the library to display...

0.8AI score
Exploits0
FireEye
FireEye
added 2015/11/04 1:0 p.m.16 views

iBackDoor: High-Risk Code Hits iOS Apps

Introduction FireEye mobile researchers recently discovered potentially “backdoored” versions of an ad library embedded in thousands of iOS apps originally published in the Apple App Store. The affected versions of this library embedded functionality in iOS apps that used the library to display...

0.8AI score
Exploits0
FireEye
FireEye
added 2015/11/03 7:27 a.m.17 views

XcodeGhost S: A New Breed Hits the US

Just over a month ago, iOS users were warned of the threat to their devices by the XcodeGhost malware. Apple quickly reacted, taking down infected apps from the App Store and releasing new security features to stop malicious activities. Through continuous monitoring of our customers’ networks,...

1.2AI score
Exploits0
FireEye
FireEye
added 2015/06/23 12:21 p.m.160 views

Operation Clandestine Wolf – Adobe Flash Zero-Day in APT3 Phishing Campaign

Adobe has already released a patch for CVE-2015-3113 with an out-of-band security bulletin . FireEye recommends that Adobe Flash Player users update to the latest version as soon as possible. FireEye MVX detects this threat as a web infection, the IPS engine reports the attack as CVE-2015-3113, a...

10CVSS0.9994EPSS
Exploits4
FireEye
FireEye
added 2014/10/09 8:35 p.m.13 views

MIRcon 2014 – Day 2 Highlights

MIRcon 2014 It seemed fitting that the last day of MIRcon started with a total lunar eclipse and ended with an inspirational keynote address by renowned astrophysicist Dr. Neil deGrasse Tyson. After an amazing two days of content, MIRcon 2014 is officially in the books! Following are some of the...

0.7AI score
Exploits0
FireEye
FireEye
added 2014/10/08 1:56 a.m.24 views

MIRcon 2014 – Day 1 Highlights

The first day of MIRcon 2014 is officially done and was packed with thought-provoking keynotes, presentations and a one-of-a-kind reception. While there's too much to fit into this blog post, I wanted to provide you with some of the highlights: FireEye's COO, Kevin Mandia kicked-off MIRcon and wa...

1.5AI score
Exploits0
FireEye
FireEye
added 2014/08/20 2:56 p.m.24 views

Looking Ahead to MIRcon 2014

As targeted cyber attacks become increasingly prevalent, today's cybersecurity professionals are being tested like never before. The upcoming Mandiant Incident Response Conference MIRcon® - October 7 & 8, 2014 - offers attendees the chance to hear insights from some of the most respected and...

0.5AI score
Exploits0
FireEye
FireEye
added 2014/08/01 3:18 p.m.85 views

FLARE IDA Pro Script Series: Automatic Recovery of Constructed Strings in Malware

The FireEye Labs Advanced Reverse Engineering FLARE Team is dedicated to sharing knowledge and tools with the community. We started with the release of the FLARE On Challenge in early July where thousands of reverse engineers and security enthusiasts participated. Stay tuned for a write-up of the...

Exploits0
FireEye
FireEye
added 2014/07/17 10:0 a.m.346 views

Havex, It’s Down With OPC

FireEye recently analyzed the capabilities of a variant of Havex referred to by FireEye as “Fertger” or “PEACEPIPE”, the first publicized malware reported to actively scan OPC servers used for controlling SCADA Supervisory Control and Data Acquisition devices in critical infrastructure e.g., wate...

6.8AI score
Exploits0
FireEye
FireEye
added 2014/06/24 10:0 a.m.52 views

Turing Test in Reverse: New Sandbox-Evasion Techniques Seek Human Interaction

Last year, we published a paper titled Hot Knives Through Butter, Evading File-Based Sandboxes. In this paper, we explained many sandbox evasion methods--and today's blog post adds to our growing catalog. In the past, for example, we detailed the inner workings of a Trojan we dubbed UpClicker. Th...

0.1AI score
Exploits0
FireEye
FireEye
added 2014/06/12 10:0 a.m.16 views

Mergers and Acquisitions: When Two Companies and APT Groups Come Together

With Apple’s purchase of Beats, Pfizer’s failed bids for AstraZeneca, and financial experts pointing to a rally in the M&A market, the last month was a busy one for mergers and acquisitions. Of course, when we first see headlines of a high profile company’s plans for a merger or acquisition, we...

0.7AI score
Exploits0
FireEye
FireEye
added 2013/12/03 5:36 p.m.16 views

Preparing for Managed Security Services

Wade Woolwine Presents at MIRcon® 2013 As a complement to my MIRcon® 2013 presentation titled "Getting the Best Bang for the Buck with Managed Security Providers" and to address some questions I received from the audience, I have prepared a quick summary of my presentation. Many businesses consid...

0.5AI score
Exploits0
FireEye
FireEye
added 2013/11/19 4:26 p.m.14 views

Critical Infrastructure Beyond the Power Grid

The term "critical infrastructure" has earned its spot on the board of our ongoing game of cyber bingo--right next to "Digital Pearl Harbor," "Cyber 9/11," "SCADA" and "Stuxnet." With "critical infrastructure" thrown about in references to cyber threats nearly every week, we thought it was time f...

7.1AI score
Exploits0
FireEye
FireEye
added 2013/11/13 6:15 p.m.17 views

General Michael Hayden Talks about the Future of Cybersecurity at MIRcon 2013

When you've got some of the cybersecurity industry's best and brightest practitioners in one room, just how do you top the conversations they're having across the breakfast table? By getting one of the foremost experts on cybersecurity to deliver a top notch speech on the future of the industry,...

0.1AI score
Exploits0
FireEye
FireEye
added 2013/11/07 7:47 p.m.109 views

MIRcon 2013 – Day 2 Highlights

Thanks for another wonderful MIRcon®, everyone! It's been an honor to bring together so many leading minds in cybersecurity, and to foster conversations about what we can all do to safeguard the information and innovationson which so much of us rely on. The second and final day of MIRcon 2013...

6.6AI score
Exploits0
FireEye
FireEye
added 2013/11/06 8:54 p.m.14 views

MIRcon 2013 – Day 1 Highlights

Happy Day 2 of MIRcon®! Yesterday, Mandiant's CEO Kevin Mandia kicked off MIRcon 2013 with a keynote on attacking the security gap, discussing the necessity of information-sharing and his experience witnessing the evolution of cybercrime. From there we moved on to thought-provoking discussions in...

0.6AI score
Exploits0
FireEye
FireEye
added 2013/10/08 6:51 p.m.6 views

MIRcon Preview: What to Expect in the Technical Track

MIRcon 2013, Nov. 5-6, Washington, DC is right around the corner. Have you registered yet? Don't miss out! With targeted attacks continuing for the foreseeable future, you should be sure to take advantage of this opportunity to learn from leading industry cybersecurity experts. The two day...

0.1AI score
Exploits0
FireEye
FireEye
added 2013/10/07 4:20 p.m.10 views

MIRcon Preview: Why C-Level Executives Should Attend

Security conferences come and go and most are well attended by information security practitioners for professional development and networking. But what about the executives who are responsible for strategy and who hold the budgets - what conferences should they attend? With MIRcon 2013, Nov. 5-6,...

3.1AI score
Exploits0
FireEye
FireEye
added 2013/03/20 5:26 p.m.211 views

Internet Explorer 8 Exploit Found in Watering Hole Campaign Targeting Chinese Dissidents

On March 16th, we discovered a premeditated waterhole campaign that hosts exploits and malware on websites frequented by a specific target group. In this case the target includes Chinese dissidents. For the attacker, this approach is highly attractive since it is very difficult to discover the...

10CVSS9.6AI score0.97612EPSS
Exploits51
FireEye
FireEye
added 2013/03/04 6:5 p.m.78 views

Redline: Answering Your Questions

Those of you who attended the "Tools of Engagement: Redline™ - We've Got the Tool, If You've Got the Time" webinar last month by David Ross and myself will recall that we ran short on time while answering all of your questions. The webinar covered the latest updates to Redline, Mandiant's free to...

7.2AI score
Exploits0
FireEye
FireEye
added 2012/12/31 4:6 p.m.62 views

A Look Back at 2012: The Armory

As we are mere hours away from celebrating 2013, we'd like to focus today on M-Unition's Armory channel. The Armory is the place to be if you want to be the first to find out about the latest releases, free tools and of course, our ever popular M-Trends report. The most popular posts in this...

0.3AI score
Exploits0
FireEye
FireEye
added 2012/11/08 9:5 p.m.24 views

Memoryze for the Mac: Support Added for OS X Mountain Lion (10.8)

Earlier this year, Mandiant launched a new freeware tool: Memoryze for the Mac™. The tool brings many of the features of Memoryze™ to the Apple® Macintosh platform, enabling acquisition of memory images via the command-line or a simple GUI. We are excited to announce it now fully supports OS X...

0.1AI score
Exploits0
FireEye
FireEye
added 2012/11/07 4:51 p.m.24 views

An In-Depth Look Into Data Stacking

Mandiant's Nick Bennett and Jake Valletta discussed data stacking at MIRcon™ last month. If you were unable to attend the talk, we will discuss this data analysis technique here on the M-Unition blog. What is Data Stacking? Data stacking is the application of frequency analysis to large volumes o...

0.4AI score
Exploits0
FireEye
FireEye
added 2012/10/31 6:36 p.m.16 views

That’s a Wrap! Highlights from MIRcon 2012

Three years ago when we set out to create a conference that would bring together the greatest minds in the information security industry, we could not imagine the overwhelmingly positive response and growth MIRcon™ would receive year after year. Our goal for MIRcon is simple: to inform innovators...

6.8AI score
Exploits0
FireEye
FireEye
added 2012/10/15 5:54 p.m.31 views

New Mandiant Offering: Response Readiness Assessment

Today, I am pleased to announce the release of Mandiant's newest Strategic Solutions offering: Response Readiness Assessment. In this post, I'll explain what the service provides, why our customer's requested such a service, and who can benefit from the Response Readiness Assessment offering...

2.2AI score
Exploits0
FireEye
FireEye
added 2012/09/24 3:50 p.m.13 views

MIRcon 2012: Overall Themes for the Management Track

Mandiant will host its third annual MIRcon on October 17th and 18th in Washington, DC. I attended the previous two MIRcon conferences, first as Director of Incident Response for my previous employer, and last year as Mandiant's Chief Security Officer. Last year we decided to host both a technical...

1.1AI score
Exploits0
FireEye
FireEye
added 2012/06/28 4:2 p.m.47 views

Unibody Memory Analysis -- Introducing Memoryze™ for the Mac 1.0

Today, Mandiant is introducing a new free tool, Memoryze™ for the Mac 1.0, which brings memory imaging and analysis to the Mac. It joins a growing list of freeware tools Mandiant currently provides. Memoryze™ for the Mac 1.0 brings many of the features of Memoryze™ to the Apple Macintosh platform...

6.6AI score
Exploits0
Total number of security vulnerabilities545