Displaying items by tag: Mandiant

A widely deployed SSL VPN device known as Pulse Secure Connect has been revealed to have a serious vulnerability, with a Common Vulnerability Scoring System score of 10, the maximum possible, that can be exploited remotely.

Microsoft and security firm FireEye's Mandiant Threat Intelligence division have published further details about the SolarWinds attacks, but neither company has fully verified the claims they make.

Security firm Qualys has become the latest to be affected by a breach of a file transfer system manufactured by the firm Accellion, the company says.

Transport for NSW has been hit by an attack on a file transfer system manufactured by the firm Accellion, the agency says.

Cyber security firm FireEye has released new guidance for those who have been compromised by the SolarWinds attackers to harden their environments and remediate areas where attacks are feared.

Whenever FireEye, the cyber security firm that just had its crown jewels compromised, publishes a report on some activity by malicious attackers, it always issues a judgment on where they come from – with high confidence most of the time.

Security outfit FireEye has renamed its expertise- and intelligence-backed offerings to its threat intelligence unit, Mandiant, raising the possibility that it may look to sell this unit, one which it acquired in 2013 for about US$1 billion.

Well-known Google security researcher Tavis Ormandy has taken a swipe at security industry veteran Richard Bejtlich, after the latter chided him for releasing details about a vulnerability in Microsoft software after the 90-day period normally given for patching expired.

The FIN6 cyber crime group, that has in the past been involved in stealing payment card data, has allegedly expanded its activities to deploying Windows ransomware, the security firm FireEye claims.

The British Information Commissioner's Office has hit American credit information provider Equifax with a fine of £500,000 (A$909,321) over a data breach which the US firm disclosed on 7 September 2017 and which it said had occurred between mid-May and July that year. Passwords of British customers were stored in plain text, the ICO said.

The author of a book who wrote that the security firm Mandiant had hacked into the computers of a Chinese military unit while it was investigating the activities of the group, known as APT1, appears to be standing by his claims.

A claim by a prominent cyber security reporter that security firm Mandiant, a subsidiary of multinational security outfit FireEye, hacked into the computers of a Chinese military unit while it was investigating the activities of the group, known as APT1, appears to have alarmed the company which has issued a detailed denial.

Less than a month after American credit information provider Equifax announced a major data breach, the US Internal Revenue Service has awarded the company a US$7.25 million contract to verify taxpayer identities and help prevent fraud.

The systems of American credit information provider Equifax were breached back in March, according to a confidential note sent by the company to some customers.

FireEye has announced its early adopter programme for FireEye Helix, an intelligence-led platform to enhance security operations and deliver security everywhere: public or private cloud, on-premise or hybrid, network or endpoint.

Hackers have changed their modus operandi, turning their attentions to more destructive cyber-attacks, destroying corporate data, or holding it for ransom rather than just merely pilfering it.