The latest in Facebook’s dragnet: Propaganda from Russian military intelligence

Facebook on Wednesday announced the removal of three networks of accounts it had determined were operating on behalf of foreign governments, including a number of pages that the company tied to Russian intelligence services. Researchers found a network of 78 accounts, 11 Pages, 29 groups and four Instagram pages that often posted about news such as Russia’s involvement in Syria and the downing of the Malaysian airliner MH17 and also had links to Russian military intelligence services, the company said. Sometimes, the account holders misrepresented themselves as citizen journalists, and contacted policymakers, reporters and other known figures in the region who could help amplify their content, Facebook said in a blog post. The other networks originated in Iran, where operators also impersonated journalists, and Vietnam and Myanmar, where the Burmese telecommunications company MyTel, which is indirectly owned by the Burmese and Vietnamese militaries, engaged in “coordinated inauthentic behavior.” These takedowns are […]

The post The latest in Facebook’s dragnet: Propaganda from Russian military intelligence appeared first on CyberScoop.


China-linked hackers have targeted Malaysian government, officials warn

A hacking group that private researchers have linked with Chinese interests has successfully targeted Malaysian government officials in an apparent data-stealing espionage campaign, cybersecurity officials in the Southeast Asian nation said this week. The Malaysian Computer Emergency Response Team, a government-backed organization, said it had “observed an increase in [the] number of artifacts and victims involving a campaign against Malaysian government officials.” The hackers have tended to target government-backed projects in an effort to steal reams of data on proposal and shipping information, the Malaysian officials said. To do that, the attackers have exploited a pair of old vulnerabilities, one dating back to 2014, in Microsoft products to compromise their targets. The advisory did not explicitly name the hacking group responsible. But the data it cited, including private-sector reports, point to a state-sponsored group known as APT40 or Leviathan. Active since at least 2013, APT40 has conducted hacking operations in […]

The post China-linked hackers have targeted Malaysian government, officials warn appeared first on CyberScoop.


Citrix Systems and FireEye introduce new tool for detection of compromise

Citrix Systems and FireEye announced the launch of a new tool for detection of compromise in connection with the previously announced CVE-2019-19781 vulnerability, which affects certain versions of Citrix Application Delivery Controller (ADC), Citrix G…

IoC Scanner shows if Citrix appliances have been compromised via CVE-2019-19781

Citrix and FireEye have teamed up to provide sysadmins with an IoC scanner that shows whether a Citrix ADC, Gateway or SD-WAN WANOP appliance has been compromised via CVE-2019-19781. Finding evidence of compromise By now it should be widely known that …

FireEye acquires Cloudvisory to add cloud workload security capabilities to FireEye Helix

FireEye, the intelligence-led security company, announced the acquisition of Cloudvisory. The acquisition, which closed on January 17, 2020, will add cloud workload security capabilities to FireEye Helix, offering customers one integrated security oper…

FireEye Mandiant unveils two new services to help orgs improve detection, investigation, and response

FireEye, the intelligence-led security company, announced the availability of two new FireEye Mandiant services. Cloud Security Assessments help organizations evaluate and harden security in cloud platforms, and Cyber Defense Operations consulting serv…

First patches for the Citrix ADC, Gateway RCE flaw released

As attackers continue to hit vulnerable Citrix (formerly Netscaler) ADC and Gateway installations, Citrix has released permanent fixes for some versions and has promised to provide them for other versions and for two older versions of SD-WAN WANOP by J…

Hackers are racing to exploit a Citrix bug that the company hasn’t patched yet

Over the course of a week, the security implications have grown more dire for a critical vulnerability in two popular products made by Citrix, a corporate virtual private network service provider used at many Fortune 500 companies. The flaw exists in a Citrix cloud-based application delivery tool, as well as in a product that allows remote access to the company’s applications. Experts say that successful exploitation of the bug could allow a hacker to burrow into the many enterprise networks that use the software. The result could be the exposure or theft of corporate information from Citrix clients who otherwise trust technology provided by the $2.5 billion company. First, experts said that attackers would soon begin exploiting the flaw. Citrix then issued an advisory assuring that its recommended stop-gap security measures would help address the issue. But as researchers warned that hackers had begun exploiting the vulnerability, Citrix updated its advisory to say that, in certain […]

The post Hackers are racing to exploit a Citrix bug that the company hasn’t patched yet appeared first on CyberScoop.


ATT&CK for ICS: Knowledge base of techniques used by cyber adversaries

MITRE released an ATT&CK knowledge base of the tactics and techniques that cyber adversaries use when attacking ICS that operate some of the nation’s most critical infrastructures including energy transmission and distribution plants, oil refineri…