
Rewterz Threat Alert – Stolen FireEye Red Team Tool Countermeasures

December 9, 2020

Severity

High

Analysis Summary

FireEye reports that it was attacked by a highly sophisticated threat actor, most likely a state-sponsored attacker, who stole its red team tools. FireEye intends to share the details of its investigation so that the wider community is better equipped against malicious use of those tools. It is not yet confirmed whether the threat actors intend to use the tools in cyber attacks; however, FireEye has released countermeasures so that organisations can detect and protect against attempted use of these red team tools.

Impact

Possible Intrusion

Indicators of Compromise

MD5


SHA-256

  • b6ef03aec5d10e371f0b06c661036d838ef55fa7dc75cf91fca3622bdefa8140
  • 078403b4e89ff06d2fe2ed7e75428a381f83ffb708dbd01b0220767498947f0c

SHA1

  • b98cded462dfd80c682c953830e3df744cac756d
  • 218651ac5b575c3f9642c2e9a5928aa22fab8483

Remediation

Block the threat indicators at their respective controls.
