Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Nation-State Hackers Breached FireEye, Stole Its Red Team Tools
Newest First  |  Oldest First  |  Threaded View
secdyne
50%
50%
secdyne,
User Rank: Apprentice
12/11/2020 | 3:49:04 PM
Re: Proof, yet again, that there is no such thing as computer security
Security is not a binary proposition...it's more analog. That said, any organization can be susceptible to a high capability threat actor. Despite this being the worst theft of cyberweapons (any tool can be weaponized) since the 2016 Shadowbrokers hitjob on the NSA, this incident will in my estimate force the evolution of countermeasures. 
tdsan
50%
50%
tdsan,
User Rank: Ninja
12/10/2020 | 3:15:44 PM
Re: Proof, yet again, that there is no such thing as computer security
Interesting, this is almost laughable. Accenture Government, Army, Airforce, Marriott, NSA and major government installations have allowed hacks to take place across the globe (Airforce - England, Accenture - China, Marriott - ???, NSA - Shadow Brokers and Ed. Snowden, FireEye - Russia, Army - ???, Personnel Division/State Dept - China Red Team, CapitalOne - Paige Thompson)

But one thing about a few of these attacks, specific attacks were identified as an inside attack. I do believe this was the same because they are a reputable securty company so this is surprising to hear.

Anyway, the investigation and unveiling the issue will soon begin.

FireEye
lancop
50%
50%
lancop,
User Rank: Moderator
12/9/2020 | 6:35:22 PM
Proof, yet again, that there is no such thing as computer security
After yaars of seeing companies with the best network security technologies in the world professionally deployed, operated and maintained, we witness, yet again, that there is no such thing as computer security. Only other targets being breached before they get around to you.

Especially troubling because we de-industrialized our economy in favor of the information economy, and now we know that IP can easily be stolen by foreign powers who want it badly enough. So, what really matters in the 21st century is who has the nimble industrial capability and financial capital to produce, market and improve whatever is successfully stolen from the company that did the hard work of inventing it.

The knowledge economy is no longer proprietary. Where does it leave us in the decades to come?


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
Video
Cartoon
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-43056
PUBLISHED: 2021-10-28
An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values.
CVE-2021-43057
PUBLISHED: 2021-10-28
An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinux_ptrace_traceme (aka the SELinux handler for PTRACE_TRACEME) could be used by local attackers to cause memory corruption and escalate privileges, aka CID-a3727a8bac0a. This occurs because of an attempt to access th...
CVE-2021-3904
PUBLISHED: 2021-10-27
grav is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-3906
PUBLISHED: 2021-10-27
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type
CVE-2021-3903
PUBLISHED: 2021-10-27
vim is vulnerable to Heap-based Buffer Overflow