FireEye breach: State-sponsored attackers stole hacking tools

2020-12-09 12:23

U.S. cybersecurity company FireEye has suffered a breach, and the attackers made off with the company's RedTeam tools, FireEye CEO Kevin Mandia has disclosed on Tuesday.

"The attackers tailored their world-class capabilities specifically to target and attack FireEye. They are highly trained in operational security and executed with discipline and focus. They operated clandestinely, using methods that counter security tools and forensic examination. They used a novel combination of techniques not witnessed by us or our partners in the past."

"The stolen tools range from simple scripts used for automating reconnaissance to entire frameworks that are similar to publicly available technologies such as CobaltStrike and Metasploit. Many of the Red Team tools have already been released to the community and are already distributed in our open-source virtual machine, CommandoVM," the company shared.

"Some of the tools are publicly available tools modified to evade basic security detection mechanisms. Other tools and frameworks were developed in-house for our Red Team.".

The attackers, on the other hand, can consider this sortie a success: they've grabbed tools that they can use when they don't want to "Burn" the tools they've create themselves or make it obvious they are behind an attack, and they might have unearthed information that may aid in their future efforts.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/IyAVS0H57Is/

#breach #fireeye #hacking #statesponsored #tools

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Fireeye		8	0	8	2	0	10

News URL

Related news

Related vendor