Clandestine Fox, Part Deux
We reported at the end of April and the beginning of May on an APT threat group leveraging a zero-day vulnerability in Internet Explorer via phishing email attacks. While Microsoft quickly released a...
Mergers and Acquisitions: When Two Companies and APT Groups Come Together
With Apple’s purchase of Beats, Pfizer’s failed bids for AstraZeneca, and financial experts pointing to a rally in the M&A market, the last month was a busy one for mergers and acquisitions. Of...
Havex, It’s Down With OPC
FireEye recently analyzed the capabilities of a variant of Havex (referred to by FireEye as “Fertger” or “PEACEPIPE”), the first publicized malware reported to actively scan OPC servers used for...
Operation SnowMan: DeputyDog Actor Compromises US Veterans of Foreign Wars...
On February 11, FireEye identified a zero-day exploit (CVE-2014-0322) being served up from the U.S. Veterans of Foreign Wars’ website (vfw[.]org). We believe the attack is a strategic Web compromise...
Pacific Ring of Fire: PlugX / Kaba
As depicted in earlier FireEye blogs, advanced cyber attacks are no strangers to the Asia Pacific region. In this blog, we take a deeper look at some of the advanced persistent threat (APT) malware...
Operation GreedyWonk: Multiple Economic and Foreign Policy Sites Compromised,...
Less than a week after uncovering Operation SnowMan, the FireEye Dynamic Threat Intelligence cloud has identified another targeted attack campaign — this one exploiting a zero-day vulnerability in...
Operation Poisoned Hurricane
Introduction: Our worldwide sensor network provides researchers at FireEye Labs with unique opportunities to detect innovative tactics employed by malicious actors and protects our clients from these...
Black Hat USA Talks – Leviathan: Command And Control Communications On Planet...
Every day, computer network attackers leverage a Leviathan of compromised infrastructure, based in every corner of the globe, to play hide-and-seek with network security, law enforcement, and...
Darwin’s Favorite APT Group
Introduction: The attackers referred to as APT12 (also known as IXESHE, DynCalc, and DNSCALC) recently started a new campaign targeting organizations in Japan and Taiwan. APT12 is believed to be a cyber...
The Path to Mass-Producing Cyber Attacks
Lines of people, lines of parts. The modern production line is composed of individuals contributing to a larger process. This common manufacturing approach is efficient, effective, and profitable. Now...
New Zero-Day Exploit targeting Internet Explorer Versions 9 through 11...
Summary: FireEye Research Labs identified a new Internet Explorer (IE) zero-day exploit used in targeted attacks. The vulnerability affects IE6 through IE11, but the attack is targeting IE9 through...
Data Theft in Aisle 9: A FireEye Look at Threats to Retailers
While cybercriminals continue to target the payment card and banking information of individual users, they seem increasingly aware that compromising retailers is more lucrative. Targeting retailers is...
Two Limited, Targeted Attacks; Two New Zero-Days
The FireEye Labs team has identified two new zero-day vulnerabilities as part of limited, targeted attacks against some major corporations. Both zero-days exploit the Windows Kernel, with Microsoft...