Security News > 2020 > December > Cybersecurity Firm FireEye Got Hacked; Red-Team Pentest Tools Stolen

Cybersecurity Firm FireEye Got Hacked; Red-Team Pentest Tools Stolen
2020-12-10 08:36

FireEye, one of the largest cybersecurity firms in the world, said on Tuesday it became a victim of a state-sponsored attack by a "Highly sophisticated threat actor" that stole its arsenal of Red Team penetration testing tools it uses to test the defenses of its customers.

Red Team tools are often used by cybersecurity organizations to mimic those used in real-world attacks with the goal of assessing a company's detection and response capabilities and evaluating the security posture of enterprise systems.

The accessed Red Team tools run the gamut from scripts used for automating reconnaissance to entire frameworks that are similar to publicly available technologies such as CobaltStrike and Metasploit.

To minimize the potential impact of the theft of these tools, the company has also released 300 countermeasures, including a list of 16 previously disclosed critical flaws that should be addressed to limit the effectiveness of the Red Team tools.

The release of red team tools stolen by the adversary "Will go a long way to mitigating the potential impact of this intrusion for organizations all over the world," he added.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/mbfo-2_7GvA/cybersecurity-firm-fireeye-got-hacked.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Fireeye 8 0 8 2 0 10