Remote Desktop Protocol (RDP) is a beneficial tool, but threat actors can also use it, with compromised domain credentials, to move laterally across networks with limited segmentation.

FireEye's Innovation and Custom Engineering team released a tool called GoCrack that allows red teams to efficiently manage password cracking tasks across multiple GPU servers by providing an easy-to-use, web-based real-time UI to create, view, and manage tasks.

FireEye has observed APT34 using an exploit for a recently patched Microsoft Office vulnerability to target a government organization in the Middle East.

In this blog, learn about a simple debugging tactic for creating “save points” during iterative remote debugging of complex multi-stage samples that execute code in heap memory at non-deterministic addresses.

Learn more about a suspected North Korean cyber espionage group that we now track as APT37 (Reaper).

Pywintrace is a Python package developed by the FireEye Innovation and Custom Engineering (ICE) team to fill the need for a flexible wrapper around Windows APIs to accelerate ETW research.

To improve social engineering assessments, we developed a tool – named ReelPhish – that simplifies the real-time phishing technique.

This DOSfuscation white paper showcases nine months of research into several facets of command line argument obfuscation that affect static and dynamic detection approaches. 

Since early 2018, FireEye has been tracking an ongoing wave of intrusions targeting engineering and maritime entities, especially those connected to South China Sea issues.