1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Researcher to FireEye: If you're not paying, I'm not talking

Discussion in 'CSO' started by RSS, Sep 8, 2015.

  1. RSS

    RSS New Member Member

    On Sunday, Kristian Erik Hermansen disclosed an unauthorized file disclosure vulnerability in FireEye's core product. The zero-day disclosure quickly generated public attention, as did the discussion around three other vulnerabilities that haven't been published and the $10,000 USD price tag on the flaws.

    But the disclosed vulnerability and the three other unpublished flaws are not the only thing FireEye has to be concerned about, there's plenty more where that came from.

    Hermansen, along with researcher Ron Perris, has claimed the discovery of at least thirty additional flaws in FireEye's products. Many of them are in the HX line, but plenty of others exist in various products too, Hermansen added.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page