
FireEye Unveils Solution to Thwart Spear Phishing Attacks

Email Security Appliance Provides Real-Time Analysis of Embedded URLs and Attachments To Protect Against Targeted, Socially Engineered Attacks

It can happen to anyone. Even Intel’s CEO, Paul Otellini, has been a victim of a spear phishing attack. At a Forrester security event in Boston this past fall, Intel’s CISO Malcolm Harkins shared a story of how the company’s top executive fell victim to a targeted attack. In this case, the attacker decided to use public information from a lawsuit that Intel was involved in at the time. The attacker crafted clever emails, appearing to be from Intel’s attorney, and sent along some malicious attachments which Otellini decided to click on. It was from a trusted source, right? Wrong. In the end no significant harm was done, but the attacker was successful in penetrating one of the largest tech companies in the world and getting its top executive to do his part in helping the attack be a success.

FireEye, a provider of anti-malware solutions, today announced at the RSA Conference in San Francisco a solution designed specifically to protect against these types of spear phishing attacks. The new “FireEye Email Malware Protection System” helps stop targeted email attacks to prevent malware-induced network breaches and data theft.

Until recently, these types of targeted attacks, often referred to as Advanced Persistent Threats, were quite rare. Not anymore. “Consider the Operation Aurora attacks, which employed some of the tactics we touched on above. The Operation Aurora attacks targeted many companies, in addition to Google, such as Adobe Systems, Juniper Networks, Rackspace, Yahoo, Symantec, Northrop Grumman and Dow Chemical,” said Terry Cutler of Digital Locksmiths and a SecurityWeek columnist.

With the launch of the FireEye Email MPS, enterprises and government agencies can protect data and networks from recurring Modern Malware infections and advanced, persistent threats (APTs) that attack using malicious email content and attachments. “The Email MPS represents a new generation of messaging security protecting against email attacks using malicious URLs and attachments exploiting zero-day vulnerabilities,” said Ashar Aziz, CEO, CTO and Founder of FireEye. “FireEye’s integrated MPS solutions protect organizations across the Web and Email attack vectors.”

The solution features a Real-time Attachment and URL Analysis engine that evaluates emails for zero-hour malware using virtual machines running a cross-matrix of operating systems and applications, such as various web browsers and plug-ins. This dynamic analysis enables FireEye to detect and stop spear phishing email attacks aimed at known and truly unknown OS and application vulnerabilities. Using data collected from its Cloud Intelligence network, customers get security content about malicious attachments targeting zero-day vulnerabilities, malware callback channels, and URL blacklist updates. With blended attacks using email and the Web on the increase, it is critical to have a zero-hour, signature-less malware protection engine to analyze links in email as well as file attachments, such as PDF documents, Microsoft Office files, multi-media content, and other file formats.

“Using the FireEye Email MPS, we’ve been able to stop over three dozen separate spear phishing attacks over the course of two weeks,” said an IT administrator at a defense contractor, who asked to remain anonymous.

The FireEye Email MPS is an appliance that requires no tuning and deploys as an MTA (Message Transfer Agent), SPAN device, or as a BCC destination. The appliance is deployed behind an existing email control point such as an antispam gateway.

“While you read about how security threats have grown more menacing, it’s important to also remember that security defenses also have grown more powerful. The critical thing is to take the necessary steps to protect your infrastructure and your data. That’s where most businesses fall short. And it’s a mistake that is growing increasingly costly to make,” Cutler adds.

Available in the second quarter of 2011, pricing begins at $54,950 for the appliance, with per-seat licenses starting at $11.68 for a 5,000-seat organization.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.
