For years, the cybersecurity firm FireEye has been the first call for government agencies and companies around the world who have been hacked by the most sophisticated attackers, or fear they might be.
Now it looks like the hackers — in this case, evidence points to Russia’s intelligence agencies — may be exacting their revenge.
FireEye revealed on Tuesday that its own systems were pierced by what it called “a nation with top-tier offensive capabilities.” The company said hackers used “novel techniques” to make off with its own tool kit, which could be useful in mounting new attacks around the world.
To continue reading this New York Times report, go to:
https://www.nytimes.com/2020/12/08/technology/fireeye-hacked-russians.html
Also see:
FireEye Cyberattack Compromises Red-Team Security Tools
Cybersecurity firm FireEye has been hit in what CEO Kevin Mandia described as a highly targeted cyberattack. The attacker targeted and was able to access certain Red Team assessment tools that the company uses to test its customers’ security.
Mandia on Tuesday said that based on the techniques and sophistication of the attack, he believes state-sponsored actors were behind the hack. The attacker was primarily hunting out data related to certain government customers, according to FireEye. The hack used “used a novel combination of techniques not witnessed by us or our partners in the past,” he said.
https://threatpost.com/fireeye-cyberattack-red-team-security-tools/162056/
Unauthorized Access of FireEye Red Team Tools
A highly sophisticated state-sponsored adversary stole FireEye Red Team tools. Because we believe that an adversary possesses these tools, and we do not know whether the attacker intends to use the stolen tools themselves or publicly disclose them, FireEye is releasing hundreds of countermeasures with this blog post to enable the broader security community to protect themselves against these tools. We have incorporated the countermeasures in our FireEye products—and shared these countermeasures with partners, government agencies—to significantly limit the ability of the bad actor to exploit the Red Team tools.
https://www.fireeye.com/blog/threat-research/2020/12/unauthorized-access-of-fireeye-red-team-tools.html
Leading US cybersecurity firm hacked, likely by a government
FireEye, one of the largest cybersecurity companies in the United States, said on Tuesday (8 December) that it had been hacked, likely by a government, and that an arsenal of hacking tools used to test the defenses of its clients had been stolen.
https://www.euractiv.com/section/cybersecurity/news/leading-us-cybersecurity-firm-hacked-likely-by-a-government/