FireEye Discovers 11 Zero-Days in 2013
FireEye Labs Combines Forensics Experts, Real-Time Threat Intelligence, and Virtual Machine Detection Technologies to Create Next-Generation Platform for Threat Intelligence Services
FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today's advanced cyber attacks, today announced that FireEye Labs discovered more zero-day advanced attacks than any security company in 2013. The attacks include:
• Operation DeputyDog (CVE-2013-3893)
• Operation Ephemeral Hydra (CVE-2013-3918)
• Council of Foreign Relations watering hole attack (CVE-2012-4792)
• Department of Labor watering hole attack (CVE-2013-1347)
Zero-day attacks exploit previously unknown vulnerabilities in widely deployed software programs, such as Microsoft® Internet Explorer® or Adobe® Acrobat®. These advanced attacks exploit the vulnerability to alter the targeted program so that subsequent malicious behavior is extremely difficult to detect.
“Today’s advanced attacks require a fundamentally different approach to security,” said David DeWalt, FireEye CEO. “By combining the threat intelligence gathered from more than 2 million virtual machines, industry-leading cyber threat research, and the expertise of some of the most experienced incident response and forensic experts in the field, FireEye helps our customers stay ahead of cyber attacks.”
The FireEye Labs research team is led by senior director of research, Zheng Bu, and the FireEye Labs field team is led by Bill Hau, vice president of professional services.
Today, FireEye Labs employs security researchers in locations around the world, including Milpitas, CA, Reston, VA as well as Singapore, Bangalore, India, and Cork, Ireland.
FireEye Services, which is now a part of FireEye Labs, has security experts in five major geographic theaters to collect and disseminate threat intelligence, while advising clients on incident response, digital forensics, and overall security risk management.
FireEye Labs leverages threat intelligence from over 2 million of virtual machines communicating into the FireEye® ; Dynamic Threat Intelligence™ (DTI) cloud. This enables FireEye Labs to observe attack patterns and provide accurate and timely intelligence to better protect customers’ networks. With unprecedented insight into advanced persistent threats (APTs), the FireEye APT Discovery Center™ catalogs and analyzes hundreds of current and past APT campaigns and updates threat detection algorithms frequently. The APT Discovery Center characterizes APT attacks by technical footprint, geography, and target industry to help security teams, law enforcement, and governments improve security defenses.
Some of the major accomplishments of this combined team in 2013 include:
- Building the FireEye Zero-Day Discovery Center that uncovered 11 zero-day vulnerabilities exploited in targeted attacks.
- Finding two major vulnerabilities in Google’s Android™ mobile operating system.
- Uncovering the 14 most common sandbox evasion methods.
- Cataloging 160 APT campaigns across 25 million attack events.
- Leveraging next-generation analytics that helped identify high-profile advance campaigns such as Operation DeputyDog and Operation Ephemeral Hydra.
- Establishing Cyber Forensic Labs in five major locations across the globe to support customers with evidence acquisition, chain of custody, and investigations as necessary.
FireEye Services is comprised of a team of experts who investigate breaches for some of the world’s largest enterprises and governments. This team is available to support and manage all aspects of security research and provide risk management expertise. Advanced services available to customers include global incident response, digital forensics, penetration testing, red carpet services, APT Health Checks, incident response planning, and advanced threat risk assessments.
About FireEye, Inc.
FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 1,300 customers across more than 40 countries, including over 100 of the Fortune 500.
# # #
© 2013 FireEye, Inc. All rights reserved. FireEye, Dynamic Threat Intelligence, and APT Discovery Center are registered trademarks or trademarks of FireEye, Inc. in the United States and other countries. Microsoft and Internet Explorer are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Adobe and Acrobat are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries. Android is a trademark of Google Inc. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.