FireEye Speaks At U.S. Department Of Defense Cyber Crime Conference On How To Stop Web Malware Attacks

January 26, 2009 at 12:00 AM EST
FireEye Speaks At U.S. Department Of Defense Cyber Crime Conference On How To Stop Web Malware Attacks

Milpitas, Califorinia - Jan 26, 2009 – FireEye, Inc., the leader in global anti-malware and anti-botnet protection, announced today that Ashar Aziz, founder and CEO, will speak at the U.S. Department of Defense (DoD) Cyber Crime Conference and Exposition 2009 being held from January 26-30 in St. Louis, Mo. on the topic, "Web Malware: Combating the New Keys to the Kingdom." Participation in this event punctuates an eventful fall for FireEye, in which the company was instrumental for supplying critical research regarding the infamous McColo shutdown and subsequent spam and botnet activity, including providing guidance to help victims disengage from the Srizbi botnet. On January 14, Aziz also posted Recommendations for Cyber Security in the 44th Presidency on the company's Malware Intelligence Blog. FireEye continues to wage war on Web malware and team with government agencies to provide an effective defense to both public and private sectors.

"Web-based malware is the attack vector of choice for today's cyber criminals because almost all organizations allow Web access," said Ashar Aziz, founder and CEO of FireEye. "These attacks are increasingly sophisticated and stealthy, exploiting Web browser vulnerabilities to install malware that issues outbound calls back to cyber criminals to establish expansive networks of infected machines. Government defense and intelligence agencies represent an extremely lucrative and impactful target for today's cyber espionage schemes."

Government and military organizations possess substantial data stores that are very attractive to cyber criminals. Like their private sector counterparts, these organizations must allow for Web traffic flow while protecting their users against Web-borne threats. Cyber criminals are using increasingly sophisticated tactics to evade detection including obfuscated code. Today's countermeasures have been ineffective in preventing Web malware intrusions and the subsequent call backs to Command and Control (C&C) infrastructures. In his session at the DoD Cyber Crime Conference, Aziz will examine the malware infection cycle and discuss how government agencies can take preventative measures at each step. Attendees will learn how to detect, defend against and mitigate Web malware and botnet infiltrations.

The threat to national cyber security is pervasive and severe, executed through schemes leveraging Web malware, botnets and social engineering, fueling a lucrative underground economy, and giving rise to cyber warfare. The Center for Strategic and International Studies' (CSIS) Commission on Cyber Security for the 44th Presidency recently detailed the magnitude and severity of the cyber security problem. In response, Aziz posted a discussion on the urgent need for a modern national cyber security policy. The post, entitled "Barbarians inside the Cyber Gates" includes a list of ten Recommendations for Cyber Security in the 44th Presidency and can be viewed at the FireEye Malware Intelligence Blog:

Earlier this fall, FireEye provided substantial intelligence on Srizbi botnet activity following the infamous shutdown of San Jose, Calif. hosting provider McColo. FireEye also provided guidance to clean Srizbi-infected machines including third-party resources. For more information, please see or visit the FireEye Malware Intelligence Blog to view the research teamÕs findings related to the McColo incident and other Web malware and botnet analysis.

About FireEye's Session at the U.S. Department of Defense Cyber Crime Conference
Ashar Aziz will present "Web Malware: Combating the New Keys to the Kingdom" on Friday, January 30 from 11:00 to 11:50 a.m. as part of the Information Assurance Track. The U.S. Department of Defense Cyber Crime Conference is being held January 26-30, 2009 at the Renaissance Grand Hotel in St. Louis, Mo. For more information, please visit

The FireEye security appliances and FireEye Malware Analysis & Exchange (MAX) Network service together provide comprehensive anti-malware and anti-botnet protection. FireEye appliances use virtual victim machines to analyze enterprise networks for Web-malware and related bot activities on compromised machines. The FireEye MAX Network is a globally deployed malware discovery and analysis service that provides subscribers with the most current botnet and Web malware intelligence to complement on-premise anti-malware security appliances. It catalogs and disseminates security intelligence such as the inbound attack vector as well as the outbound call-back channels used to steal data. This is all derived from malware analyses which are conducted by interconnected networks of FireEye security appliances selectively deployed at service providers around the world. FireEye's solution offers the industry's first complete global and local anti-malware protection to precisely identify, understand, and stop emerging botnet and Web malware threats.

About FireEye, Inc.

FireEye, Inc. is the leader in anti-malware and anti-botnet protection, enabling organizations to protect critical intellectual property, computing resources, and network infrastructure against Web malware and botnet infiltration. Today's most damaging attacks are perpetrated through Web malware that forms into highly organized botnets, or networks of remotely controlled, compromised machines. FireEye delivers a complete solution that is designed from the ground up to detect and protect organizations from advanced Web malware and botnets through global and local intelligence and analysis. The company is backed by Sequoia Capital, Norwest Venture Partners, JAFCO, SVB Capital, DAG Ventures, and Juniper Networks. For more information, contact (408) 321-6300 or email:


©2006-2009 FireEye, Inc. All rights reserved. FireEye and the FireEye logo are registered trademarks of FireEye, Inc. in the United States and/or other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.