Home | Latest News | Popular News | Our Network | About | Contact
Security News from 'FireEye Research' | www.SecurityPhresh.com
Security News from 'FireEye Research'
Showing 'Security News from 'FireEye Research'' from 21 to 30
Suspected Chinese Cyber Espionage Group (TEMP.Periscope) Targeting U.S. Engineering And Maritime Industries
15th Mar 2018 [2 months ago] from FireEye Research
Intrusions Focus on the Engineering and Maritime SectorSince early 2018, FireEye (including our FireEye as a Service(FaaS), Mandiant Consulting, and iSIGHT Intelligence teams) has beentracking an ongoing wave of intrusions targeting engineering...
Iranian Threat Group Updates Tactics, Techniques And Procedures In Spear Phishing Campaign
13th Mar 2018 [2 months ago] from FireEye Research
IntroductionFrom January 2018 to March 2018, through FireEye’s Dynamic ThreatIntelligence, we observed attackers leveraging the latest codeexecution and persistence techniques to distribute maliciousmacro-based documents to individuals...
APT37 (Reaper): The Overlooked North Korean Actor
20th Feb 2018 [3 months ago] from FireEye Research
On Feb. 2, 2018, we published a blogdetailing the use of an Adobe Flash zero-dayvulnerability (CVE-2018-4878) by a suspected North Korean cyberespionage group that we now track as APT37 (Reaper).Our analysis of APT37’s recent activity...
CVE-2017-10271 Used To Deliver CryptoMiners: An Overview Of Techniques Used Post-Exploitation And Pre-Mining
15th Feb 2018 [3 months ago] from FireEye Research
IntroductionFireEye researchers recently observed threat actors abusingCVE-2017-10271 to deliver various cryptocurrency miners.CVE-2017-10271 is a known input validation vulnerability that existsin the WebLogic Server Security Service (WLS...
ReelPhish: A Real-Time Two-Factor Phishing Tool
7th Feb 2018 [4 months ago] from FireEye Research
Social Engineering and Two-Factor AuthenticationSocial engineering campaigns are a constant threat to businessesbecause they target the weakest chain in security: people. A typicalattack would capture a victim’s username and password...
Attacks Leveraging Adobe Zero-Day (CVE-2018-4878) – Threat Attribution, Attack Scenario And Recommendations
2nd Feb 2018 [4 months ago] from FireEye Research
On Jan. 31, KISA (KrCERT) published an advisoryabout an Adobe Flash zero-day vulnerability (CVE-2018-4878)being exploited in the wild. On Feb. 1, Adobe issued an advisoryconfirming the vulnerabilityexists in Adobe Flash Player 28.0.0.137...
Trojan.APT.Seinup Hitting ASEAN
1st Feb 2018 [4 months ago] from FireEye Research
1. Executive SummaryThe FireEye research team has recently identified a number of spearphishing activities targeting Asia and ASEAN. Of these, one of thespear phishing documents was suspected to have used a potentiallystolen document as...
Sanny CnC Backend Disabled
26th Jan 2018 [4 months ago] from FireEye Research
We recently encountered in the wild another sample related to theSanny APT. For readers who are not familiar with the Sanny APT, pleaserefer to our previousblog for the background. The sample was using the same lure textand CVE-2012-0158...
MS Windows Local Privilege Escalation Zero-Day In The Wild
26th Jan 2018 [4 months ago] from FireEye Research
FireEye Labs hasidentified a new Windows local privilege escalation vulnerability inthe wild. The vulnerability cannot be used for remote code executionbut could allow a standard user account to execute code in the kernel.Currently, the...
Monitoring Vulnaggressive Apps On Google Play
26th Jan 2018 [4 months ago] from FireEye Research
Vulnaggressive Characteristics in Mobile Apps and Libraries FireEye mobile security researchers have discovered a rapidly-growingclass of mobile threats represented by popular ad libraries affectingapps with billions of downloads. These...
« Newer 1 2 3 4 5 6 7 8 9 10 Older »