1. Forum
  2. sp00knet
  3. SN SECURITY

  • Fireeye Security Red Team Kit stolen by Russia

    From Bob Roberts@700:100/58 to All on Tuesday, December 08, 2020 16:53:46
    Big news in the cybersecurity world today as Fireeye admitted that Nation-state







































































































































































































































































































































    hacker had broken into their "secure vault" and stolen their Red Team intrusion







































































































































































































































































































































    tool set. Apparently the tool set was built by Fireeye over time using bits and pieces of exploits, so they themselves can perform intrustion testing against clients. While Fireeye won't say, big clues point towards Russia as the culprit.

    The concern is not that these tools are out there, but that their use by bad actors can mask the idendity of the attackers, who can typically be identified by the tool set they use. Plus, once they make it to the open market it might make certain exploits more accessable to the broader market.

    Fireeye is releasing over 300 countermeasures that are supposed to nulify the vectors used by their tools... I'm sure there is an easy installer for implementing that (not).

    The attack that allowed access to the tools was apparently very unique...

    I'm looking forward to the details that are sure to come.

    |01bobbobbobbob|09bob|03bob|11bob|03bob|09bob|01bobbobbob |01robrobrobrob|09rob|03rob|11rob|03rob|09rob|01robrobrob
    |07
    --- SBBSecho 3.11-Linux
    * Origin: Halls of Valhalla =-= Happy Holidays (700:100/58)
  • From poindexter FORTRAN@700:100/20 to Bob Roberts on Wednesday, December 09, 2020 06:58:00
    Bob Roberts wrote to All <=-

    Big news in the cybersecurity world today as Fireeye admitted that Nation-state hacker had broken into their "secure vault" and stolen
    their Red Team intrusion tool set. Apparently the tool set was built
    by Fireeye over time using bits and pieces of exploits, so they
    themselves can perform intrustion testing against clients. While
    Fireeye won't say, big clues point towards Russia as the culprit.

    Between this and the NSA thefts, someone's building a pretty big kit.
    Probably cheaper than building your own red team. While Russia is a
    perfect usual suspect, how about someone who wants to jump start
    their program and get into the game? Who could that be?




    ... Abandon desire
    --- MultiMail/XT v0.52
    * Origin: realitycheckBBS.org -- information is power. (700:100/20)
  • From Bob Roberts@700:100/58 to poindexter FORTRAN on Thursday, December 10, 2020 09:43:00
    Re: Re: Fireeye Security Red Team Kit stolen by Russia
    By: poindexter FORTRAN to Bob Roberts on Wed Dec 09 2020 06:58 am

    Between this and the NSA thefts, someone's building a pretty big kit. Probably cheaper than building your own red team. While Russia is a perfect usual suspect, how about someone who wants to jump start
    their program and get into the game? Who could that be?

    Who are the big names in Cyber warfare these days? My guess:
    Russia, North Korea, China, Iran, Isreal, USA, UK.

    Who has aspirations? My guess:
    France, Germany, Syria, Saudi Arabia, Uzbekistan, Poland, Hungary

    There could also be a lot of value in Russia grabbing these tools just to see what eploits are detectable and "well known" in the gray/white hat community.

    |01bobbobbobbob|09bob|03bob|11bob|03bob|09bob|01bobbobbob |01robrobrobrob|09rob|03rob|11rob|03rob|09rob|01robrobrob
    |07
    --- SBBSecho 3.11-Linux
    * Origin: Halls of Valhalla =-= Happy Holidays (700:100/58)
  • From Ogg@700:100/16 to Bob Roberts on Tuesday, December 15, 2020 19:02:50
    On 12/8/2020 7:53 PM, between "Bob Roberts":
    Big news in the cybersecurity world today as Fireeye admitted that Nation-state hacker had broken into their "secure vault" and stolen
    their Red Team intrusion tool set. ...

    And this "secure" vault was connected to the internet? That's pretty lame.


    I'm looking forward to the details that are sure to come.

    Keep us posted.
    --- SBBSecho 3.11-Linux
    * Origin: End Of The Line BBS - endofthelinebbs.com (700:100/16)