Displaying items by tag: FireEye

There's a new name in the security market. Trellix focusses on extended detection and response, and brings together two familiar companies.

IT and telecoms provider Over the Wire has appointed Lani Edwards to the role of general manager of partner and wholesale.

Investors in SolarWinds have sued the directors of the company, claiming they were aware of the risks that the firm's software posed but failed to act to prevent devastating attacks that came to light last year.

Microsoft claims to have detected what it characterises as nation-state activity by an adversary it calls Nobelium — the SolarWinds attackers who are also known as APT29 and Cozy Bear — trying to gain access to customers of multiple cloud providers, including itself.

Attacks on SolarWinds software in July were possible because the company had compiled some dynamic link libraries without Address Space Layout Randomisation, Microsoft claims in a security brief.

Three zero-day vulnerabilities in SonicWall's Email Security product that were being exploited in the wild have been reported by American security firm FireEye's Mandiant Managed Defence unit.

A widely deployed SSL VPN device known as Pulse Secure Connect has been revealed to have a serious vulnerability, with a Common Vulnerability Scoring System score of 10, the maximum possible, that can be exploited remotely.

The United States has alleged that the Russian security agency known as the Foreign Intelligence Service was responsible for the attack on the supply chain of SolarWinds Orion network management software.

Cloud visibility and analytics provider Gigamon has announced its latest Gigamon Hawk technical integration with the intelligence-led security company FireEye.

A Republican senator from Ohio has criticised the US Government over taking more than three months to say who was accountable for not stopping the SolarWinds supply chain attack that first came to light in December 2020.

Email security firm Mimecast says a hit on its infrastructure by attackers who used the SolarWinds supply chain to gain access, went deeper than already reported, with some of the company's source code being stolen.

Microsoft and security firm FireEye's Mandiant Threat Intelligence division have published further details about the SolarWinds attacks, but neither company has fully verified the claims they make.

Security firm Qualys has become the latest to be affected by a breach of a file transfer system manufactured by the firm Accellion, the company says.

Comments made by Microsoft president Brad Smith to the US Senate Select Committee on Intelligence, which held a hearing on the SolarWinds attacks last week, claiming that there is more security in the cloud than in on-premises servers, have met a tough response from former NSA hacker Jake Williams, who characterised them as having caused more harm to security than the SolarWinds attackers did in the first place.

Transport for NSW has been hit by an attack on a file transfer system manufactured by the firm Accellion, the agency says.

Microsoft has admitted that the malicious attackers involved in a supply chain attack gained access to some part of the source code for its Azure, Exchange and Intune products.

ANALYSIS The assertion by Microsoft President Brad Smith during a 60 Minutes interview with CBS on Sunday that the supply chain attack revealed by security firm FireEye in December was "the largest and most sophisticated attack the world has ever seen" has once again raised the question of the extent to which Microsoft was involved in this attack.

Email security firm Mimecast has admitted that the compromise of a certificate it had issued for some Microsoft services is connected to the SolarWinds supply chain incident.

GUEST RESEARCH: In December 2020, FireEye uncovered and publicly disclosed a widespread attacker campaign that is being tracked as UNC2452. In some, but not all, of the intrusions associated with this campaign where Mandiant has visibility, the attacker used their access to on-premises networks to gain unauthorized access to the victim’s Microsoft 365 environment.

Cyber security firm FireEye has released new guidance for those who have been compromised by the SolarWinds attackers to harden their environments and remediate areas where attacks are feared.