Breaking: cybersecurity firm FireEye has been hacked. In a blog post, CEO Kevin Mandia said a highly sophisticated foreign nation-state attack resulted in the theft of internal hacking tools (Red Team kits).
It is unclear:
-who conducted the hack
-which software systems are affected
-when the intrusion occurred
-what the attackers' motive is https://www.reuters.com/article/fireeye-cyber/u-s-cybersecurity-firm-fireeye-discloses-breach-theft-of-internal-hacking-tools-idUSL1N2IO2EI
The FBI and Microsoft are assisting with an internal investigation. FireEye has been privately working with a group of software vendors in recent weeks to share defensive measures. Mandia says no 0days were included.
Hard to measure impact atm. https://www.reuters.com/article/fireeye-cyber/u-s-cybersecurity-firm-fireeye-discloses-breach-theft-of-internal-hacking-tools-idUSL1N2IO2EI
Mandia said there is no evidence yet that the hacking tools have been deployed in the wild. Also no evidence of customer data being exfiltrated. However, investigators noticed the hackers showed a particular interest in FireEye's government clients. Unclear if that means USG agencies or other
Read the story here as we update it through the day with additional insight: https://www.reuters.com/article/fireeye-cyber/u-s-cybersecurity-firm-fireeye-discloses-breach-theft-of-internal-hacking-tools-idUSL1N2IO2EI
new detection rules: https://github.com/fireeye/red_team_tool_countermeasures
official SEC filing: https://investors.fireeye.com/static-files/05bd98cf-59b0-4af1-89f2-89e5c8f783f8
Some are wondering if FireEye plans to release the threat actor TTPs (allowing others to potentially spot them). I think the answer is no. At least for now.