Call a Specialist Today! 844-960-3901
Free Shipping! Free Shipping!

The Latest FireEye News
Product and Solution Information, Press Releases, Announcements

FireEye Discovers 11 Zero-Days in 2013
Posted: Thu Dec 19, 2013 02:46:14 PM

FireEye Labs Combines Forensics Experts, Real-Time Threat Intelligence, and Virtual Machine Detection Technologies to Create Next-Generation Platform for Threat Intelligence Services.

Milpitas, CA -- December 19, 2013 -- FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today's advanced cyber attacks, today announced that FireEye Labs discovered more zero-day advanced attacks than any security company in 2013. The attacks include:

  • Operation DeputyDog (CVE-2013-3893)
  • Operation Ephemeral Hydra (CVE-2013-3918)
  • Council of Foreign Relations watering hole attack (CVE-2012-4792)
  • Department of Labor watering hole attack (CVE-2013-1347)

Zero-day attacks exploit previously unknown vulnerabilities in widely deployed software programs, such as Microsoft Internet Explorer or Adobe Acrobat. These advanced attacks exploit the vulnerability to alter the targeted program so that subsequent malicious behavior is extremely difficult to detect.

"Today's advanced attacks require a fundamentally different approach to security," said David DeWalt, FireEye CEO. "By combining the threat intelligence gathered from more than 2 million virtual machines, industry-leading cyber threat research, and the expertise of some of the most experienced incident response and forensic experts in the field, FireEye helps our customers stay ahead of cyber attacks."

The FireEye Labs research team is led by senior director of research, Zheng Bu, and the FireEye Labs field team is led by Bill Hau, vice president of professional services.

Today, FireEye Labs employs security researchers in locations around the world, including Milpitas, CA, Reston, VA as well as Singapore, Bangalore, India, and Cork, Ireland.

FireEye Services, which is now a part of FireEye Labs, has security experts in five major geographic theaters to collect and disseminate threat intelligence, while advising clients on incident response, digital forensics, and overall security risk management.

FireEye Labs leverages threat intelligence from over 2 million of virtual machines communicating into the FireEye ; Dynamic Threat Intelligence (DTI) cloud. This enables FireEye Labs to observe attack patterns and provide accurate and timely intelligence to better protect customers' networks. With unprecedented insight into advanced persistent threats (APTs), the FireEye APT Discovery Center catalogs and analyzes hundreds of current and past APT campaigns and updates threat detection algorithms frequently. The APT Discovery Center characterizes APT attacks by technical footprint, geography, and target industry to help security teams, law enforcement, and governments improve security defenses.

Some of the major accomplishments of this combined team in 2013 include:

  • Building the FireEye Zero-Day Discovery Center that uncovered 11 zero-day vulnerabilities exploited in targeted attacks.
  • Finding two major vulnerabilities in Google's Android mobile operating system.
  • Uncovering the 14 most common sandbox evasion methods.
  • Cataloging 160 APT campaigns across 25 million attack events.
  • Leveraging next-generation analytics that helped identify high-profile advance campaigns such as Operation DeputyDog and Operation Ephemeral Hydra.
  • Establishing Cyber Forensic Labs in five major locations across the globe to support customers with evidence acquisition, chain of custody, and investigations as necessary.

FireEye Services is comprised of a team of experts who investigate breaches for some of the world's largest enterprises and governments. This team is available to support and manage all aspects of security research and provide risk management expertise. Advanced services available to customers include global incident response, digital forensics, penetration testing, red carpet services, APT Health Checks, incident response planning, and advanced threat risk assessments.

« Return to News List