Fireeye

Hal9000

DARPA Competition Seeks Autonomous Systems for Cyber Defense

We all know that ‘layer 8’ – humans – are the biggest attack surface in any IT environment. Companies can invest millions to harden their networks and endpoints. But all attackers have to do is convince one user to open a fake credit card bill for $20,000 or click a “You won’t believe this video!” link on Facebook and its game over. Our human failings came into the spotlight, most recently, with the breach at Target. According to news reports, the retailer had advanced threat detection software by FireEye deployed that actually alerted staff to some of the malicious activity that signaled the start of that (epic) hack.  Alas, Target’s IT staff in the U.S. dismissed the alerts, which were reported by a team working out of Bangalore, India. The result: 40 million credit card numbers were pilfered from Target’s network. That may be why the U.S. Department of Defense’s advanced […]

Continue Reading

FireEye Report: Iranian Hacker Group Becoming More Sophisticated

A report from the security firm FireEye claims that hacking crews based in Iran have become more sophisticated in recent years. They are now linked to malicious software campaigns targeting western corporations and domestic actors who attempt to circumvent Internet filters put in place by the ruling regime.   The report, dubbed “Operation Saffron Rose,”(PDF)  was released on Tuesday. In a blog post accompanying the research, FireEye researchers say that it has identified a group of hackers it is calling the “Ajax Security Team” that appears to have emerged out of Iranian hacker forums such as Ashiyane and Shabgard. Once limited to website defacements, the Ajax team has graduated to malware-based espionage and other techniques associated with “advanced persistent threat” (APT) style actors, FireEye said. The researchers claim that the group has been observed using social engineering techniques to implant custom malware on victims’ computers. The group’s objectives seem to align with those […]

Continue Reading
AngryBirds-Halloween

Analysis Finds Blurry Lines Between Rovio, Advertisers

Rovio, the maker of the massively popular Angry Birds, makes no secret about collecting personal data from those who download and play its games. But an analysis from the advanced threat detection firm FireEye is helping to expose the extend of data harvesting, and also to sketch out the blurry line that separates Rovio and third-party advertising networks it contracts with. In a blog post on Thursday, FireEye analysts Jimmy Suo and Tao Wei described the findings of an investigation into the interaction between Rovio’s mobile applications, including the latest version of Angry Birds, and third party ad networks such as Jumptap and Millenial Media. Using FireEye’s Mobile Threat Prevention (MTP), the two gathered and analyzed network packet capture (PCap) information and analyzed the workings of Angry Birds and its communications with third-party ad networks. The two were able to reveal a multi-stage information sharing operation, tracking code paths from the reverse-engineered […]

Continue Reading

Veterans Targeted In Attack Using IE 10 Zero Day

Visitors to the web site of the Veterans of Foreign Wars (VFW) are being targeted in an attack that exploits a previously unknown hole in Microsoft’s Internet Explorer 10 web browser, according to warnings Thursday by security firms.   Some visitors to the web site of the Veterans of Foreign Wars (VFW), vfw[dot]org, were the victim of a ‘watering hole’ attack that takes advantage of a previously unknown ‘use-after-free’ vulnerability in Microsoft’s Internet Explorer 10 web browser. The VFW site was hacked and then altered to redirect users, silently, to a malicious website programmed to exploit vulnerable versions of IE 10 on systems running 32 bit versions of the Windows operating system.  The VFW did not immediately respond to e-mail and phone requests for comment. According to a write-up by the security firm FireEye, the vulnerability allows the attacker to “modify one byte of memory at an arbitrary address” stored […]

Continue Reading
Confer graphic_Final

With $8m In Funding, Confer Taps Cloud, Crowd To Secure Endpoints

A new endpoint security startup, Confer, pulled the covers off its technology on Wednesday, announcing a new services-based endpoint protection product that it claims will provide better protection against malicious software and advanced attacks. Based in Waltham, Massachusetts, Confer has been in existence for just over a year and has received $8 million in venture funding from North Bridge Capital and Matrix Partners. The company’s cloud- and endpoint-based software enables organizations to collaborate to stop sophisticated attacks by sharing attack and malware anonymously with other Confer customers. The company said its technology will appeal to enterprise customers who have grown weary of malware infections that manage to bypass or elude traditional anti virus software. Confer is just the latest company to see dollar signs in corporations’ waning enthusiasm for anti malware software. Modern anti malware products are still focused on securing Windows endpoints. They are geared for use in the […]

Continue Reading
1 2 3 4