Vulnerabilities / Threats
3/27/2014
06:00 PM
Dark Reading
Products and Releases

FireEye Releases Comprehensive Analysis of 2013 Zero-day Attacks; Impact on Security Models

New Research Paper Offers Insight into Industry's Leading Zero-day and Advanced Threat Detection Models

Milpitas, CA - Mar 27, 2014 – FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today’s advanced cyber attacks, today announced the release of “Less Than Zero: A Survey of Zero-day Attacks in 2013 and What They Say About the Traditional Security Model.” Through an analysis of the 11 zero-day vulnerabilities discovered in 2013 by FireEye - by far the most discoveries of any security company that year - the paper provides context around the advanced threats these vulnerabilities enable as well as guidance to enterprises on mitigating these hidden problems.

“Advanced threats against enterprises today thrive on exploiting the unknown and evading blocking techniques thanks to a growing, global marketplace for selling software vulnerabilities,” said Zheng Bu, vice president of security research, FireEye. “The old security model of tracking known threats and relying on signature-based solutions is simply powerless to stop zero-day threats. The number of zero-day attacks profiled in the paper highlights why organizations need to take a new approach to security by combining next-generation technology with human expertise.”

The 11 zero-days analyzed were uncovered and evaluated by FireEye Labs using threat intelligence from more than two million virtual machines communicating into the FireEye® Dynamic Threat Intelligence™ (DTI) cloud. The technology has already found two of the four zero-days uncovered in 2014. Evading traditional cyber defenses, these zero-days facilitated attacks against consumers and organizations, including the Council on Foreign Relations and the U.S. Department of Labor. Looking beyond just blocking these vulnerabilities, FireEye forensics experts found that watering-hole attacks targeting specific audiences and industries are a rapidly rising trend in the attack space.

“While FireEye’s ‘Less Than Zero’ paper is a must-read for security professionals, it is equally important for business executives as a means for understanding what they are up against,” said Jon Oltsik, senior principal analyst at the Enterprise Strategy Group. “Today’s sophisticated cyber adversaries can easily circumvent existing security controls, penetrate corporate networks, and may ultimately be used to steal extremely valuable data. CEOs must come to terms with these threats and make sure to align them with their overall risk management, business planning, and fiduciary responsibilities.”

“Less Than Zero” is a continuation of the FireEye mission to support the next generation of security. It provides advice to readers on how networks, incident response, and application management should be approached to deal with the advanced, unknown threats of today. More of the company’s recently published research can be found on the FireEye blog, including its 2013 Advanced Threat Report, which found that enterprises are attacked on average once every 1.5 seconds.

To view a full copy of “Less Than Zero: A Survey of Zero-day Attacks in 2013 and What They Say About the Traditional Security Model” please visit: http://www.fireeye.com/resources/pdfs/white-papers/fireeye-zero-day-attacks-in-2013.pdf.

About FireEye, Inc.

FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 1,900 customers across more than 60 countries, including over 130 of the Fortune 500.

Media Contact

Vitor De Souza
FireEye, Inc.
vitor.desouza@fireeye.com
(415) 699-9838

# # #

© 2014 FireEye, Inc. All rights reserved. FireEye and Dynamic Threat Intelligence are registered trademarks or trademarks of FireEye, Inc. in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.

Comments
securityaffairs,
User Rank: Ninja
3/27/2014 | 7:53:05 PM
FireEye ... an excellent score
Zero-day attacks are very insidious; in the majority of cases these offensives go undetected for several years, causing serious damage in terms of theft of sensitive data and intellectual property.

Zero-day detection needs a structured approach to security; attackers are using even more sophisticated tactics, and the experts at FireEye demonstrated in 2013 that they are one of the most active and efficient security teams.

The acquisition of Mandiant will reinforce its leadership and its capability to detect such cyber threats early.