FireEye Releases Tool For Auditing Networks for Techniques Used by SolarWinds Hackers

Cybersecurity firm FireEye has released today a report detailing the techniques used by the SolarWinds hackers inside the networks of companies they breached. From a report: Together with the report, FireEye researchers have also released a free tool on GitHub named Azure AD Investigator that they say can help companies determine if the SolarWinds hackers (also known as UNC2452) used any…

Is the US Government’s Cybersecurity Agency Up to the Job?

CNN reports that some critics are now questioning whether America’s Cybersecurity and Infrastructure Security Agency (CISA) is equipped to protect the integrity of government systems from adversaries: Some of the nearly half-dozen government agencies affected by the hack have recently reached out to CISA for help with addressing the known vulnerabilities that were exploited in the attack but were told the…

‘Unforced Error’ in Suspected Russian Data Breach May Have Led to Its Discovery

CNN reports:
US officials and private sector experts investigating the massive data breach that has rocked Washington increasingly believe the attackers were ultimately discovered because they took a more aggressive “calculated risk” that led to a possible “unforced error” as they tried to expand their access within the network they had penetrated months earlier without detection, according to a US official and…

Russia Breached Update Server Used by 300,000 Organizations, Including the NSA

Sunday Reuters reported that “a sophisticated hacking group” backed by “a foreign government” has stolen information from America’s Treasury Department, and also from “a U.S. agency responsible for deciding policy around the internet and telecommunications.” The Washington Post has since attributed the breach to “Russian government hackers,” and discovered it’s “part of a global espionage campaign that stretches back months, according…

FireEye, a Top Cybersecurity Firm, Says It Was Hacked By a Nation-State

An anonymous reader quotes a report from The New York Times: For years, the cybersecurity firm FireEye has been the first call for government agencies and companies around the world who have been hacked by the most sophisticated attackers, or fear they might be. Now it looks like the hackers — in this case, evidence points to Russia’s intelligence agencies…

DOD, FBI, DHS Release Info on Malware Used in Chinese Government-Led Hacking Campaigns

The U.S. government today publicly exposed malware used in Chinese government hacking efforts for more than a decade. From a report: The Chinese government has been using malware, referred to as Taidoor, to target government agencies, entities in the private sector, and think tanks since 2008, according to a joint announcement from the Department of Homeland Security’s Cybersecurity and Infrastructure Security…

Hackers Broke Into Real News Sites To Plant Fake Stories

A disinfo operation broke into the content management systems of Eastern European media outlets in a campaign to spread misinformation about NATO. Wired reports: On Wednesday, security firm FireEye released a report on a disinformation-focused group it’s calling Ghostwriter. The propagandists have created and disseminated disinformation since at least March 2017, with a focus on undermining NATO and the US troops…

How Spies Snuck Malware Into the Google Play Store — Again and Again

Google’s Play Store for Android apps has never had a reputation for the strictest protections from malware. Shady adware and even banking trojans have managed over the years to repeatedly defy Google’s security checks. Now security researchers have found what appears to be a more rare form of Android abuse: state-sponsored spies who repeatedly slipped their targeted hacking tools into the…

Will Iran Launch a Cyberattack Against the U.S.?

“Iranian officials are likely considering a cyber-attack against the U.S. in the wake of an airstrike that killed one of its top military officials,” reports Bloomberg: In a tweet after the airstrike on Thursday, Christopher Krebs, director of the U.S. Cybersecurity and Infrastructure Security Agency, repeated a warning from the summer about Iranian malicious cyber-attacks, and urged the public to brush…

China-Linked Hackers Target Military, Government Texts, FireEye Says

A state-linked Chinese hacking group is using malware to steal SMS text messages from high-ranking military and government targets, according to cybersecurity company FireEye. From a report: The hacking technology, known as MESSAGETAP, “allows China to efficiently steal data from multitudes of sources from one location,” Steven Stone, FireEye’s director of advanced practices, said in a statement. “Espionage-related theft and intrusions…