Security News from 'FireEye Research' | www.SecurityPhresh.com
Showing 'Security News from 'FireEye Research'' from 71 to 80
Poison Ivy: Assessing Damage And Extracting Intelligence
26th Jan 2018 [10 months ago] from FireEye Research
Today, our research team is publishing a report on the Poison Ivy family of remote access tools (RATs) along with a package of tools created to work as a balm of sorts — naturally, we’re calling the package “Calamine.” In an era of...
Operation Molerats: Middle East Cyber Attacks Using Poison Ivy
26th Jan 2018 [10 months ago] from FireEye Research
Don't be too hasty to link every Poison Ivy-based cyber attack to China. The popular remote access tool (RAT), which we recently detailed on this blog, is being used in a broad campaign of attacks launched from the Middle East, too. First, some...
Njw0rm - Brother From The Same Mother
26th Jan 2018 [10 months ago] from FireEye Research
FireEye Labs has discovered an intriguing new sibling of the njRAT remote access tool (RAT) that one-ups its older brother with a couple of diabolically clever features. Created by the same author as njRAT — a freelance coder who goes by the...
Breaking Down The China Chopper Web Shell - Part II
26th Jan 2018 [10 months ago] from FireEye Research
Part II in a two-part series. Read Part I. Introduction: In Part I of this series, I described China Chopper's easy-to-use interface and advanced features — all the more remarkable considering the Web shell's tiny size: 73 bytes for the aspx...
Breaking Down The China Chopper Web Shell - Part I
26th Jan 2018 [10 months ago] from FireEye Research
Part I in a two-part series. China Chopper: The Little Malware That Could. China Chopper is a slick little web shell that does not get enough exposure and credit for its stealth. Other than a good blog post from security researcher Keith Tyler,...
CVE-2013-3346/5065 Technical Analysis
26th Jan 2018 [10 months ago] from FireEye Research
In our last post, we warned of a new Windows local privilege escalation vulnerability being used in the wild. We noted that the Windows bug (CVE-2013-5065) was exploited in conjunction with a patched Adobe Reader bug (CVE-2013-3346) to evade...
MisoSMS: New Android Malware Disguises Itself As A Settings App, Steals SMS Messages
26th Jan 2018 [10 months ago] from FireEye Research
FireEye has uncovered and helped weaken one of the largest advanced mobile botnets to date. The botnet, which we are dubbing “MisoSMS,” has been used in at least 64 spyware campaigns, stealing text messages and emailing them to cybercriminals...
The Dual Use Exploit: CVE-2013-3906 Used In Both Targeted Attacks And Crimeware Campaigns
26th Jan 2018 [10 months ago] from FireEye Research
A zero-day vulnerability was recently discovered that exploits a Microsoft graphics component using malicious Word documents as the initial infection vector. Microsoft has confirmed that this exploit has been used in “attacks observed are...
Supply Chain Analysis: From Quartermaster To Sunshop
26th Jan 2018 [10 months ago] from FireEye Research
Today, we released a new report from FireEye Labs entitled Supply Chain Analysis: From Quartermaster to Sunshop. The report details how many seemingly unrelated cyber attacks may, in fact, be part of a broader offensive fueled by a shared...
Operation Ephemeral Hydra: IE Zero-Day Linked To DeputyDog Uses Diskless Method
26th Jan 2018 [10 months ago] from FireEye Research
Recently, we discovered a new IE zero-day exploit in the wild, which has been used in a strategic Web compromise. Specifically, the attackers inserted this zero-day exploit into a strategically important website, known to draw visitors that...