Security News

FireEye, Mandiant Split Apart in $1.2B Private Equity Deal
2021-06-02 22:36

FireEye on Wednesday announced plans to sell its products business, including the FireEye name, as part of a $1.2 billion transaction that splits off the Mandiant Solutions unit from the company's endpoint protection and cloud security products. According to FireEye, the cloud security, network and email product side of the house will be sold off in a $1.2 billion all-cash transaction to Symphony Technology Group, the private equity firm that also owns RSA Security and McAfee Enterprise.

Breaches Detected Faster, But Ransomware Surge a Major Factor: FireEye
2021-04-13 19:08

According to Mandiant, the surge in ransomware attacks, which are meant to be noisy and detected, is partially the reason for shorter dwell times observed in live attacks over the last year. In the ransomware attacks investigated by Mandiant, 78% had a dwell time of 30 days or less, and only 1% of these incidents had a dwell time of 700 days or more.

FireEye insider threat security services from Mandiant protect orgs against malicious activities
2021-03-17 01:30

FireEye unveiled two new insider threat security services from Mandiant. The new services help organizations establish or scale up insider threat programs and are designed to provide ongoing protection against rapidly evolving and dynamic malicious activities within organizations.

FireEye CEO: Reckless Microsoft Hack Unusual for China
2021-03-10 02:24

Cyber sleuths have already blamed China for a hack that exposed tens of thousands of servers running Microsoft's Exchange email program to potential hacks. The CEO of a prominent cybersecurity firm says it now seems clear China also unleashed an indiscriminate, automated second wave of hacking that opened the way for ransomware and other cyberattacks.

Microsoft, FireEye Unmask More Malware Linked to SolarWinds Attackers
2021-03-04 22:19

Researchers have uncovered more custom malware that is being used by the threat group behind the SolarWinds attack. Researchers with Microsoft and FireEye identified three new pieces of malware that the companies said are being used in late-stage activity by the threat actor.

FireEye finds new malware likely linked to SolarWinds hackers
2021-03-04 18:04

FireEye discovered a new "sophisticated second-stage backdoor" on the servers of an organization compromised by the threat actors behind the SolarWinds supply-chain attack. The new malware is dubbed Sunshuttle, and it was "uploaded by a U.S.-based entity to a public malware repository in August 2020."

Bryan Palma named Executive Vice President of FireEye Products
2021-02-07 23:45

FireEye announced that Bryan Palma has joined the company as Executive Vice President of FireEye Products. In this role, Palma will lead the FireEye product team to further develop the company's industry-leading product portfolio and optimize SaaS security controls offerings to more effectively protect modern enterprise environments.

FireEye publishes details of SolarWinds hacking techniques, gives out free tool to detect signs of intrusion
2021-01-19 20:42

Any organizations that used the backdoored SolarWinds network-monitoring software should take another look at their logs for signs of intrusion in light of new guidance and tooling. In an update and white paper [PDF] released on Tuesday, FireEye warned that the hackers - which intelligence services and computer security outfits have concluded were state-sponsored Russians - had specifically targeted two groups of people: those with access to high-level information, and sysadmins.

FireEye Releases New Open Source Tool in Response to SolarWinds Hack
2021-01-19 19:04

FireEye Mandiant on Tuesday announced the release of an open source tool designed to check Microsoft 365 tenants for the use of techniques associated with UNC2452, the name currently assigned by the cybersecurity firm to the threat group that attacked IT management company SolarWinds. The SolarWinds supply chain attack has claimed hundreds of victims, and potentially impacted entities should check their systems for signs of an intrusion associated with this attack.

Millions of Devices Affected by Vulnerabilities Used in Stolen FireEye Tools
2020-12-23 12:00

Millions of devices are exposed to potential attacks exploiting the vulnerabilities used in the tools that threat actors recently stole from FireEye, security and compliance solutions provider Qualys reported on Tuesday. Qualys said it identified more than 7.5 million instances related to vulnerabilities associated with the stolen FireEye tools and compromised versions of the SolarWinds Orion product.