Security News > 2020 > December > FireEye Cyberattack Compromises Red-Team Security Tools
The attacker targeted and was able to access certain Red Team assessment tools that the company uses to test its customers' security.
"The attackers tailored their world-class capabilities specifically to target and attack FireEye. They are highly trained in operational security and executed with discipline and focus. They operated clandestinely, using methods that counter security tools and forensic examination."
FireEye has also seen no evidence to date that an attacker has utilized the stolen Red Team tools.
Such use of the tools could allow attackers to take over systems, a Tuesday Cybersecurity & Infrastructure Security Agency advisory warned: "Although [CISA] has not received reporting of these tools being maliciously used to date, unauthorized third-party users could abuse these tools to take control of targeted systems," according to the advisory.
"We are not sure if the attacker intends to use our Red Team tools or to publicly disclose them," said Mandia.
News URL
https://threatpost.com/fireeye-cyberattack-red-team-security-tools/162056/
Related news
- SOC teams are frustrated with their security tools (source)
- Cyberattack Group 'Awaken Likho' Targets Russian Government with Advanced Tools (source)
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
- Best AI Security Tools: Top Solutions, Features & Comparisons (source)