Subj : FireEye Security Red Team Kit stolen by Russia
To   : All
From : Bob Roberts
Date : Tue Dec 08 2020 16:53:46

Big news in the cybersecurity world today as FireEye admitted that a nation-state hacker had broken into their "secure vault" and stolen their Red Team intrusion tool set. Apparently the tool set was built by FireEye over time using bits and pieces of exploits, so they themselves can perform intrusion testing against clients. While FireEye won't say, big clues point towards Russia as the culprit.

The concern is not that these tools are out there, but that their use by bad actors can mask the identity of the attackers, who can typically be identified by the tool set they use. Plus, once they make it to the open market it might make certain exploits more accessible to the broader market.

FireEye is releasing over 300 countermeasures that are supposed to nullify the vectors used by their tools... I'm sure there is an easy installer for implementing that (not).

The attack that allowed access to the tools was apparently very unique... I'm looking forward to the details that are sure to come.

--- SBBSecho 3.11-Linux
 * Origin: Halls of Valhalla =-= Happy Holidays (700:100/58)