Displaying items by tag: Kevin Mandia

Microsoft and security firm FireEye's Mandiant Threat Intelligence division have published further details about the SolarWinds attacks, but neither company has fully verified the claims they make.

Comments made by Microsoft president Brad Smith to the US Senate Select Committee on Intelligence, which held a hearing on the SolarWinds attacks last week, claiming that there is more security in the cloud than in on-premises servers, have met a tough response from former NSA hacker Jake Williams, who characterised them as having caused more harm to security than the SolarWinds attackers did in the first place.

ANALYSIS When did American cyber security firm FireEye become aware that it had been compromised and its crown jewels — its Red Team tools — stolen?

Former NSA hacker Jake Williams has criticised the SEC filing made by security firm SolarWinds following the disclosure that the company's Orion network management software had been compromised and used to breach numerous companies in many regions of the globe.

A backdoored binary that was said to have allowed compromises of companies in a number of countries is still present on the site of American vendor SolarWinds, a tech researcher says.

The company at the centre of the global intrusion detailed by security company FireEye on Monday AEDT — SolarWinds — has quietly taken down the page on its website which had a list of its elite customers.

American cyber security firm FireEye, which last week said it had suffered a breach and lost its attack tools, says it has identified a global campaign to compromise public and private sector bodies through corruption of software supply chains, using software that runs on Windows.

American cyber security company FireEye, which announced a couple of days ago that it had been compromised by unknown attackers who stole its offensive tools, has been accused of having poor Internet-facing security by a British company that specialises in PKI.

Whenever FireEye, the cyber security firm that just had its crown jewels compromised, publishes a report on some activity by malicious attackers, it always issues a judgment on where they come from – with high confidence most of the time.

Cyber security vendor FireEye has a considerable amount of egg on its face after the tools used by its Red Team — an attack unit — have been stolen by a group that it claims is a "highly sophisticated state-sponsored adversary".

US security firm FireEye claims that malware named Triton that was used to attack industrial control systems last year is connected to a Russian Government-owned research institute.

The author of a book who wrote that the security firm Mandiant had hacked into the computers of a Chinese military unit while it was investigating the activities of the group, known as APT1, appears to be standing by his claims.

A statement by the head of security firm FireEye that US government spooks produce "nice" malware when compared to that of other states has been reported by the American tech news website Cyberscoop – and allowed to pass unchallenged.

Hackers have changed their modus operandi, turning their attentions to more destructive cyber-attacks, destroying corporate data, or holding it for ransom rather than just merely pilfering it.