Displaying items by tag: FireEye

Former NSA hacker Jake Williams has criticised the SEC filing made by security firm SolarWinds following the disclosure that the company's Orion network management software had been compromised and used to breach numerous companies in many regions of the globe.

A backdoored binary that was said to have allowed compromises of companies in a number of countries is still present on the site of American vendor SolarWinds, a tech researcher says.

More details are emerging about poor security at SolarWinds, following the compromise of its Orion network management software that was then used to effect attacks on many companies in a number of regions around the globe.

The company at the centre of the global intrusion detailed by security company FireEye on Monday AEDT — SolarWinds — has quietly taken down the page on its website which had a list of its elite customers.

Researchers from FireEye and Microsoft claim to have discovered a global intrusion campaign, using the Orion network monitoring system sold by SolarWinds, with a trojan being implanted into a file which was part of updates for the product; the compromised file was given the name SUNBURST. The software runs on Windows.

American cyber security firm FireEye, which last week said it had suffered a breach and lost its attack tools, says it has identified a global campaign to compromise public and private sector bodies through corruption of software supply chains, using software that runs on Windows.

The chief executive of a British security firm has criticised the American firm FireEye — which had its Red Team tools stolen by an unknown adversary recently — of using fancy terms in its advisory about the attack in order to hide its own failings.

American cyber security company FireEye, which announced a couple of days ago that it had been compromised by unknown attackers who stole its offensive tools, has been accused of having poor Internet-facing security by a British company that specialises in PKI.

Whenever FireEye, the cyber security firm that just had its crown jewels compromised, publishes a report on some activity by malicious attackers, it always issues a judgment on where they come from – with high confidence most of the time.

Cyber security vendor FireEye has a considerable amount of egg on its face after the tools used by its Red Team — an attack unit — have been stolen by a group that it claims is a "highly sophisticated state-sponsored adversary".

VMware has appointed Sean Kopelke as its senior director of technology for Australia and New Zealand.

Cyber security and compliance company Proofpoint has appointed Alex Lei as its new regional leader for Asia-Pacific and Japan.

How do You Detect and Respond to Them?

GUEST OPINION By Louis Tague, Vice President, Australia and New Zealand, FireEye: As efforts to adjust to the “new normal” are forcing huge portions of Australians into remote working and outside the relative safety of their employers’ corporate networks, cyber risks have become top-of-mind even for employees who don’t work within security.

How do You Detect and Respond to Them?

GUEST OPINION By Louis Tague, Vice President, Australia and New Zealand, FireEye: As efforts to adjust to the “new normal” are forcing huge portions of Australians into remote working and outside the relative safety of their employers’ corporate networks, cyber risks have become top-of-mind even for employees who don’t work within security.

Global technology provider Pitney Bowes has been hit by the Maze ransomware and the attackers have released a number of screenshots of the company's systems to prove their claims. Maze only attacks Windows systems.

Security outfit FireEye has renamed its expertise- and intelligence-backed offerings to its threat intelligence unit, Mandiant, raising the possibility that it may look to sell this unit, one which it acquired in 2013 for about US$1 billion.

Israel has used just one zero-day vulnerability in attacks it has crafted during the period 2012-19, if research by the security firm FireEye's Mandiant Threat Intelligence group is to be believed.

GUEST OPINION by Jim Cook Attivo Networks: A long time target for adversaries, Active Directory is getting a long-awaited defensive makeover, writes Jim Cook, ANZ Regional Director, Attivo Networks.

GUEST OPINION by Jim Cook Attivo Networks: A long time target for adversaries, Active Directory is getting a long-awaited defensive makeover, writes Jim Cook, ANZ Regional Director, Attivo Networks.

More than three-quarters of the Windows ransomware cases across the 2017 to 2019 period studied by Mandiant Intelligence, a division of security firm FireEye, occurred after working hours.