Vulnerabilities / Threats
3/27/2014
06:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

FireEye Releases Comprehensive Analysis of 2013 Zero-day Attacks; Impact on Security Models

New Research Paper Offers Insight into Industry's Leading Zero-day and Advanced Threat Detection Models

Milpitas, CA - Mar 27, 2014 – FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today’s advanced cyber attacks, today announced the release of “Less Than Zero: A Survey of Zero-day Attacks in 2013 and What They Say About the Traditional Security Model.” Through an analysis of the 11 zero-day vulnerabilities discovered in 2013 by FireEye - by far the most discoveries of any security company that year - the paper provides context around the advanced threats these vulnerabilities enable as well as guidance to enterprises on mitigating these hidden problems.

“Advanced threats against enterprises today thrive on exploiting the unknown and evading blocking techniques thanks to a growing, global marketplace for selling software vulnerabilities,” said Zheng Bu, vice president of security research, FireEye. “The old security model of tracking known threats and relying on signature-based solutions are simply powerless to stop zero-day threats. The number of zero-day attacks profiled in the paper highlight why organizations need to take a new approach to security by combining next-generation technology with human expertise.”

The 11 zero-days analyzed were uncovered and evaluated by FireEye Labs using threat intelligence from more than two million virtual machines communicating into the FireEye® Dynamic Threat Intelligence™ (DTI) cloud. The technology has already found two of the four zero-days uncovered in 2014. Evading traditional cyber defenses, these zero-days facilitated attacks against consumers and organizations, including the Council on Foreign Relations and the U.S. Department of Labor. Looking beyond just blocking these vulnerabilities, FireEye forensics experts found that watering-hole attacks targeting specific audiences and industries are a rapidly rising trend in the attack space.

“While FireEye’s “Less Than Zero” paper is a must-read for security professionals, it is equally important for business executives as a means for understanding what they are up against,” said Jon Oltsik, senior principal analyst at the Enterprise Strategy Group. “Today’s sophisticated cyber adversaries can easily circumvent existing security controls, penetrate corporate networks, and may ultimately be used to steal extremely valuable data. CEOs must come to terms with these threats and make sure to align them with their overall risk management, business planning, and fiduciary responsibilities.”

“Less Than Zero” is a continuation of the FireEye mission to support the next generation of security. It provides advice to readers on how networks, incident response, and application management should be approached to deal with the advanced, unknown threats of today. More of the company’s recently published researched can be found on theFireEye blog, including its 2013 Advanced Threat Report that uncovered enterprises are attacked on average once every 1.5 seconds.

To view a full copy of “Less Than Zero: A Survey of Zero-day Attacks in 2013 and What They Say About the Traditional Security Model” please visit: http://www.fireeye.com/resources/pdfs/white-papers/fireeye-zero-day-attacks-in-2013.pdf.

About FireEye, Inc.

FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 1,900 customers across more than 60 countries, including over 130 of the Fortune 500.

Media Contact

Vitor De Souza
FireEye, Inc.
vitor.desouza@fireeye.com
(415) 699-9838

# # #

© 2014 FireEye, Inc. All rights reserved. FireEye and Dynamic Threat Intelligence are registered trademarks or trademarks of FireEye, Inc. in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
securityaffairs
100%
0%
securityaffairs,
User Rank: Ninja
3/27/2014 | 7:53:05 PM
FireEye ... an excellent score
Zero-day attacks are very insidious, in the majority of the cases these offensives go undetected for several years causing serious damages in term theft of sensible data and intellectual property.

Zero-day detection need a structures approach to security, attackers are using tactics even more sophisticated and experts at FireEye demonstrated in 2013 to be one of the most active and efficient security team.

The acquisition of Mandiant will reinforce it leadership and capabilities to early detect such cyber threats.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7830
Published: 2014-11-24
Cross-site scripting (XSS) vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the mod/feedback:mapcourse cap...

CVE-2014-7831
Published: 2014-11-24
lib/classes/grades_external.php in Moodle 2.7.x before 2.7.3 does not consider the moodle/grade:viewhidden capability before displaying hidden grades, which allows remote authenticated users to obtain sensitive information by leveraging the student role to access the get_grades web service.

CVE-2014-7832
Published: 2014-11-24
mod/lti/launch.php in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 performs access control at the course level rather than at the activity level, which allows remote authenticated users to bypass the mod/lti:view capability requirement by vi...

CVE-2014-7833
Published: 2014-11-24
mod/data/edit.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 sets a certain group ID to zero upon a database-entry change, which allows remote authenticated users to obtain sensitive information by accessing the database after an edit by a teacher.

CVE-2014-7834
Published: 2014-11-24
mod/forum/externallib.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not verify group permissions, which allows remote authenticated users to access a forum via the forum_get_discussions web service.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?