Elfin espionage group is focused on Saudi, U.S. organizations, Symantec says

In the last three years, a suspected Iranian cyber-espionage group has targeted organizations in Saudi Arabia and the United States in attacks spanning several sectors, researchers from cybersecurity company Symantec said Wednesday. The researchers described a hacking group that “has compromised a wide range of targets, including governments along with organizations in the research, chemical, engineering, manufacturing, consulting, finance, telecoms, and several other sectors.” Some three-quarters of the 50 organizations hit by the group that Symantec calls Elfin and that others label APT33 are based in Saudi Arabia and the U.S., the researchers said. FireEye, another cybersecurity company, previously has concluded that APT33 “works at the behest of the Iranian government,” and that it has taken a particularly close interest in the aviation sector. The tally of American targets includes “a number of Fortune 500 companies,” according to Symantec. “Elfin’s goal appears to be sabotage,” Jon DiMaggio, senior threat intelligence analyst at Symantec, told […]

The post Elfin espionage group is focused on Saudi, U.S. organizations, Symantec says appeared first on CyberScoop.

Vietnam’s premier hacking group ramps up targeting of global car companies

A Vietnamese hacking group has been aggressively targeting multinational automotive companies in an apparent bid to support the country’s domestic auto industry, researchers who closely track the group told CyberScoop. Since February, the group known as APT32 sent malicious lures to between five and 10 organizations in the automotive sector, according to Nick Carr, senior manager at cybersecurity company FireEye. FireEye “assesses with moderate confidence” that APT32’s latest activity is in support of “the Vietnamese government’s stated domestic vehicle and auto part manufacturing goals,” Carr said. It is unclear how successful the operation has been. Carr declined to say whether the lures led to compromises of the automotive organizations’ networks. What is clear is that FireEye mobilized resources in response to the threat. “This is a little bit uncommon for [APT32] to do the industry-wide targeting,” he told CyberScoop. “And so, as a company we’ve been putting out more intelligence on our […]

The post Vietnam’s premier hacking group ramps up targeting of global car companies appeared first on CyberScoop.

If an organization has been breached, it’s more likely to be targeted again

FireEye released the Mandiant M-Trends 2019 report at the RSA Conference. The report shares statistics and insights gleaned from Mandiant investigations around the globe in 2018. Key findings: Dwell time decreasing as organizations improve detection cap…

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.

This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers.

FireEye: New APT goes after individual targets by hitting telecom, travel companies

A newly identified threat group linked to Iran is surveilling specific individuals of interest by stealing data primarily from companies in the telecommunications and travel industries, according to a report from FireEye published Tuesday. FireEye is adding the group to its list of advanced persistent threats as APT39. While not outright saying the group is state-sponsored, researchers said that APT39 appears to be acting in support of Iranian state interests. That assessment is based on the group’s toolset overlap with other Iran-linked groups like APT33, APT34, Newscaster and Chafer. Still, FireEye says APT39’s apparent objective and its choices of malware variants warrant classifying it as a new group. “APT39’s focus on the telecommunications and travel industries suggests intent to perform monitoring, tracking, or surveillance operations against specific individuals that serve strategic requirements related to Iran’s strategic national priorities,” Cristiana Kittner, FireEye principal analyst of cyber-espionage analysis, told CyberScoop by email. It’s […]

The post FireEye: New APT goes after individual targets by hitting telecom, travel companies appeared first on CyberScoop.

Criminals wielding Ryuk ransomware specialize in targeting enterprises

A cybercriminal group dubbed Grim Spider has been using the Ryuk ransomware to exclusively target enterprises and has managed to amass over 705 Bitcoins (around $3.7 million) from the victims in less than six months. CrowdStrike and FireEye researchers…

Infosec products of the week: January 11, 2019

FireEye updates Email Security with new threat detection and evasion defenses. In addition to the executive impersonation protection capabilities, FireEye Email Security – Server Edition incorporates several other new features designed to combat emergin…