FireEye Discovers 11 Zero-Days in 2013
FireEye Labs Combines Forensics Experts, Real Time Threat Intelligence, and
Virtual Machine Detection Technologies to Create Next-Generation Platform for
Threat Intelligence Services
MILPITAS, Calif., Dec. 19, 2013 (GLOBE NEWSWIRE) -- FireEye, Inc.
(Nasdaq:FEYE), the leader in stopping today's advanced cyber attacks, today
announced that FireEye Labs discovered more zero-day advanced attacks than any
security company in 2013. The attacks include:
*Operation DeputyDog (CVE-2013-3893)
*Operation Ephemeral Hydra (CVE-2013-3918)
*Council of Foreign Relations watering hole attack (CVE-2012-4792)
*Department of Labor watering hole attack (CVE-2013-1347)
Zero-day attacks exploit previously unknown vulnerabilities in widely deployed
software programs, such as Microsoft^® Internet Explorer^® or Adobe^®
Acrobat^®. These advanced attacks exploit the vulnerability to alter the
targeted program so that subsequent malicious behavior is extremely difficult
"Today's advanced attacks require a fundamentally different approach to
security," said David DeWalt, FireEye CEO. "By combining the threat
intelligence gathered from more than 2 million virtual machines,
industry-leading cyber threat research, and the expertise of some of the most
experienced incident response and forensic experts in the field, FireEye helps
our customers stay ahead of cyber attacks."
The FireEye Labs research team is led by senior director of research, Zheng
Bu, and the FireEye Labs field team is led by Bill Hau, vice president of
Today, FireEye Labs employs security researchers in locations around the
world, including Milpitas, CA, Reston, VA as well as Singapore, Bangalore,
India, and Cork, Ireland.
FireEye Services, which is now a part of FireEye Labs, has security experts in
five major geographic theaters to collect and disseminate threat intelligence,
while advising clients on incident response, digital forensics, and overall
security risk management.
FireEye Labs leverages threat intelligence fromover 2 million of virtual
machines communicating into the FireEye^® Dynamic Threat Intelligence^™ (DTI)
cloud. This enables FireEye Labs to observe attack patterns and provide
accurate and timely intelligence to better protect customers' networks. With
unprecedented insight into advanced persistent threats (APTs), the FireEye APT
Discovery Center^™ catalogs and analyzes hundreds of current and past APT
campaigns and updates threat detection algorithms frequently. The APT
Discovery Center characterizes APT attacks by technical footprint, geography,
and target industry to help security teams, law enforcement, and governments
improve security defenses.
Some of the major accomplishments of this combined team in 2013 include:
*Building the FireEye Zero-Day Discovery Center that uncovered 11 zero-day
vulnerabilities exploited in targeted attacks.
*Finding two major vulnerabilities in Google's Android^™ mobile operating
*Uncovering the 14 most common sandbox evasion methods.
*Cataloging 160 APT campaigns across 25 million attack events.
*Leveraging next-generation analytics that helped identify high-profile
advance campaigns such as Operation DeputyDog and Operation Ephemeral
*Establishing Cyber Forensic Labs in five major locations across the globe
to support customers with evidence acquisition, chain of custody, and
investigations as necessary.
FireEye Services is comprised of a team of experts who investigate breaches
for some of the world's largest enterprises and governments.This team is
available to support and manage all aspects of security research and provide
risk management expertise. Advanced services available to customers include
global incident response, digital forensics, penetration testing, red carpet
services, APT Health Checks, incident response planning, and advanced threat
About FireEye, Inc.
FireEye has invented a purpose-built, virtual machine-based security platform
that provides real-time threat protection to enterprises and governments
worldwide against the next generation of cyber attacks. These highly
sophisticated cyber attacks easily circumvent traditional signature-based
defenses, such as next-generation firewalls, IPS, anti-virus, and gateways.
The FireEye Threat Prevention Platform provides real-time, dynamic threat
protection without the use of signatures to protect an organization across the
primary threat vectors and across the different stages of an attack life
cycle. The core of the FireEye platform is a virtual execution engine,
complemented by dynamic threat intelligence, to identify and block cyber
attacks in real time. FireEye has over 1,300 customers across more than 40
countries, including over 100 of the Fortune 500.
© 2013 FireEye, Inc. All rights reserved. FireEye, Dynamic Threat
Intelligence, and APT Discovery Center are registered trademarks or trademarks
of FireEye, Inc. in the United States and other countries. Microsoft and
Internet Explorer are either registered trademarks or trademarks of Microsoft
Corporation in the United States and/or other countries. Adobe and Acrobat are
either registered trademarks or trademarks of Adobe Systems Incorporated in
the United States and/or other countries. Android is a trademark of Google
Inc. All other brands, products, or service names are or may be trademarks or
service marks of their respective owners.
CONTACT: Media Contact
Press spacebar to pause and continue. Press esc to stop.