Displaying items by tag: FireEye

A suspected Russian intrusion into Microsoft's corporate systems, which was disclosed in January, also affected US federal government systems, according to the US Cybersecurity and Infrastructure Security Agency.

The US Securities and Exchange Commission has sued software vendor SolarWinds and its chief information security officer, Timothy Brown, over fraud and internal control failures relating to allegedly known cyber security risks and vulnerabilities.

The group of attackers revealed to have compromised SolarWinds Orion monitoring software back in December 2020 are claimed to be back again, and Microsoft has given them a new name to boot.

The verdict in a case filed by investors against the directors of the software firm SolarWinds, claiming they were aware of the risks that the firm's software posed, but failed to act to prevent devastating attacks that came to light in 2020, has gone in favour of the company.

Security firm SolarWinds has avoided a lawsuit filed by investors in Delaware last year, with Delaware Court of Chancery vice-chancellor Sam Glasscock dismissing the suit.

Security vendor Bitdefender has appointed Kevin Dyson to the role of ANZ regional director, and Greg Ryan to the role of regional sales director.

Security firm Mandiant says it has not mentioned any zero-day exploit usage by Western government agencies in a report about incidents in 2021 because it did not find any exploits which it could identify with reasonable confidence as coming from these sources.

Search giant Google has announced it will acquire the security firm Mandiant for US$5.4 billion (A$7.4 billion) in an all-cash transaction, adding that the firm will join Google Cloud after the acquisition is complete.

McAfee Enterprise and FireEye have come together to create a resilient digital world as Trellix, and the new company’s first research report has come out. It reveals the magnitude of the Log4j vulnerability which dominated headlines and the focus of security teams and defenders alike - along with other insights into security issues in the third quarter of 2021. The report is a fascinating - and deeply sobering - read.

There's a new name in the security market. Trellix focusses on extended detection and response, and brings together two familiar companies.

IT and telecoms provider Over the Wire has appointed Lani Edwards to the role of general manager of partner and wholesale.

Investors in SolarWinds have sued the directors of the company, claiming they were aware of the risks that the firm's software posed, but failed to act to prevent devastating attacks that came to light last year.

Microsoft claims to have detected what it characterises as nation-state activity by an adversary it calls Nobelium — the SolarWinds attackers who are also known as APT29 and Cozy Bear — trying to gain access to customers of multiple cloud providers, including itself.

Attacks on SolarWinds software in July were possible because the company had compiled some dynamic link libraries without Address Space Layout Randomisation, Microsoft claims in a security brief.

Three zero-day vulnerabilities in SonicWall's Email Security product that were being exploited in the wild have been reported by American security firm FireEye's Mandiant Managed Defence unit.

A widely deployed SSL VPN device known as Pulse Secure Connect has been revealed to have a serious vulnerability, with a Common Vulnerability Scoring System score of 10, the maximum possible, that can be exploited remotely.

The United States has alleged that the Russian security agency known as the Foreign Intelligence Service was responsible for the attack on the supply chain of SolarWinds Orion network management software.

Cloud visibility and analytics provider Gigamon has announced its latest Gigamon Hawk technical integration with the intelligence-led security company FireEye.

A Republican senator from Ohio has criticised the US Government over taking more than three months to say who was accountable for not stopping the SolarWinds supply chain attack that first came to light in December 2020.

Email security firm Mimecast says a hit on its infrastructure by attackers who used the SolarWinds supply chain to gain access, went deeper than already reported, with some of the company's source code being stolen.