FireEye sues to prevent InfoSec researcher from presenting a research paper at 44CON security conference

Sep 11, 2015 23:16 GMT

FireEye, a leading provider of cyber-security products, has sued a German company and prevented it from disclosing details about a security vulnerability the company found in FireEye's infrastructure.

ERNW, a German security consulting company, had discovered various flaws in FireEye's server infrastructure in April this year.

The company worked together with FireEye to fix the issues, which affected a FireEye NX device running version 7.5.1 of the webMPS operating system.

According to the research, the vulnerabilities "could be triggered by sending an email to an arbitrary corporate address or by embedding the exploit code in a document (to-be) downloaded via HTTP." If successful, these allowed "an attacker to compromise [FireEye's] virtual machine-based malware detection systems."

Nothing new here. This sounds like a regular security vulnerability, which was reported and fixed in the meantime.

FireEye were accused of being hypocrites

The scandal that set the InfoSec community on fire started when, at the 44CON security conference in London, ERNW researchers showcased their report with some of the slides in their presentation heavily redacted.

According to later inquiries on the subject, ERNW employees revealed that FireEye had gone to a German court during the summer and obtained an injunction preventing the researchers from presenting some of the data in their research.

Since FireEye regularly does the same thing, searching for security vulnerabilities and disclosing them, the press had a field day, skewering the company for hypocrisy.

Now that some of the dust has settled, both ERNW and FireEye have come forward and publicly explained that the injunction covered only technical details that revealed intellectual property and would have put some of their clients' security at risk.

According to FireEye sources, these details included the affected server's IP address and some of the technical inner workings of FireEye's Malware Protection System (MPS).

The full research paper describing the now-patched vulnerability has been made public in the meantime.