3/27/2014
06:00 PM
Dark Reading
Products and Releases

FireEye Releases Comprehensive Analysis of 2013 Zero-day Attacks; Impact on Security Models

New Research Paper Offers Insight into Industry's Leading Zero-day and Advanced Threat Detection Models

Milpitas, CA - Mar 27, 2014 – FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today’s advanced cyber attacks, today announced the release of “Less Than Zero: A Survey of Zero-day Attacks in 2013 and What They Say About the Traditional Security Model.” Through an analysis of the 11 zero-day vulnerabilities discovered in 2013 by FireEye - by far the most discoveries of any security company that year - the paper provides context around the advanced threats these vulnerabilities enable as well as guidance to enterprises on mitigating these hidden problems.

“Advanced threats against enterprises today thrive on exploiting the unknown and evading blocking techniques thanks to a growing, global marketplace for selling software vulnerabilities,” said Zheng Bu, vice president of security research, FireEye. “The old security model of tracking known threats and relying on signature-based solutions is simply powerless to stop zero-day threats. The number of zero-day attacks profiled in the paper highlights why organizations need to take a new approach to security by combining next-generation technology with human expertise.”

The 11 zero-days analyzed were uncovered and evaluated by FireEye Labs using threat intelligence from more than two million virtual machines communicating into the FireEye® Dynamic Threat Intelligence™ (DTI) cloud. The technology has already found two of the four zero-days uncovered in 2014. Evading traditional cyber defenses, these zero-days facilitated attacks against consumers and organizations, including the Council on Foreign Relations and the U.S. Department of Labor. Looking beyond just blocking these vulnerabilities, FireEye forensics experts found that watering-hole attacks targeting specific audiences and industries are a rapidly rising trend in the attack space.

“While FireEye’s ‘Less Than Zero’ paper is a must-read for security professionals, it is equally important for business executives as a means for understanding what they are up against,” said Jon Oltsik, senior principal analyst at the Enterprise Strategy Group. “Today’s sophisticated cyber adversaries can easily circumvent existing security controls, penetrate corporate networks, and may ultimately be used to steal extremely valuable data. CEOs must come to terms with these threats and make sure to align them with their overall risk management, business planning, and fiduciary responsibilities.”

“Less Than Zero” is a continuation of the FireEye mission to support the next generation of security. It provides advice to readers on how networks, incident response, and application management should be approached to deal with the advanced, unknown threats of today. More of the company’s recently published research can be found on the FireEye blog, including its 2013 Advanced Threat Report, which found that enterprises are attacked on average once every 1.5 seconds.

To view a full copy of “Less Than Zero: A Survey of Zero-day Attacks in 2013 and What They Say About the Traditional Security Model” please visit: http://www.fireeye.com/resources/pdfs/white-papers/fireeye-zero-day-attacks-in-2013.pdf.

About FireEye, Inc.

FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 1,900 customers across more than 60 countries, including over 130 of the Fortune 500.

Media Contact

Vitor De Souza
FireEye, Inc.
vitor.desouza@fireeye.com
(415) 699-9838

# # #

© 2014 FireEye, Inc. All rights reserved. FireEye and Dynamic Threat Intelligence are registered trademarks or trademarks of FireEye, Inc. in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.

Comments
securityaffairs,
User Rank: Ninja
3/27/2014 | 7:53:05 PM
FireEye ... an excellent score
Zero-day attacks are very insidious; in the majority of cases these offensives go undetected for several years, causing serious damage in terms of theft of sensitive data and intellectual property.

Zero-day detection needs a structured approach to security; attackers are using ever more sophisticated tactics, and the experts at FireEye demonstrated in 2013 that they are one of the most active and efficient security teams.

The acquisition of Mandiant will reinforce its leadership and capabilities to detect such cyber threats early.