Industry Perspectives Blog
In Case You Missed It: The FireEye Top Stories of the Week 9-25
1. A SYNful Offering from Cisco: Cisco is offering a free tool for customers to determine whether they were impacted by the SYNful Knock router implant. FireEye first reported on the implant last week in a series of two blogs, offering details on detecting and mitigating the malware. The malicious software, which can give attackers full control of routers, has been found on nearly 200 Cisco devices in 30 countries.
2. Got XcodeGhost with that App? FireEye reported that more than 4,000 iOS apps in the Apple App Store were compromised with XcodeGhost. The malicious apps steal device and user information and send stolen data to the command and control server. FireEye ensured customers they are protected from this threat across their mobile devices and networks.
3. Forbes.com Serves Up Malware: FireEye identified malvertising on Forbes.com website. The bad ads redirected viewers to Neutrino and Angler Exploit Kits. By abusing ad platforms, attackers can selectively target where their malicious content gets displayed. When these ads are served by mainstream websites like Forbes, it creates potential for mass infection.
4. China and U.S. Talk Cyber: Chinese President Xi Jinping is in the U.S. this week and cyber security was one of the top items on the agenda. Jinping said he was committed to setting up a high-level dialogue on fighting cyber crime, and insists his government has not stolen any intellectual property from U.S. companies.
5. Insurance Against Cyber Crimes: In the wake of bigger and more expensive cyber breaches, Ace Ltd is now offering $100 million cyber insurance policies. FireEye is one of a small handful of firms that provide services Ace will insure, including identifying vulnerabilities and responding to cyber attacks. Ace announced the move while eyeing a boost in premiums and profits. Cyber insurance is one of the fastest growing areas in the market.