FireEye & RazorEQX #23
Labels
research
Incidents that require research
Comments
|
I can already see this one: | 2014-07-09 | FireEye | Jean-Marie Bourbon | Security flaws in FireEye's Malware Analysis System | According to Forbes, after sending details of the vulnerabilities to be posted on Exploit-DB, Bourbon was suspended from his day job, due to pressure from FireEye who has denied involvement. Ultimately, FireEye patched the issues, released an advisory, and credited Bourbon. | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
There are two FireEye incidents already. In the HTML comments I have had this for a while and tried to get more details on Twitter:
https://twitter.com/RazorEQX/status/642124276573859841
I came under fire from [FireEye] just over a year ago for disclosing a bug they didn.t seem important to fix.
https://twitter.com/RazorEQX/status/642125189904470016
Let me talk to the attorney that defended me. I lost a job over it.
Here's where I asked if it was one of the incidents:
https://twitter.com/securityerrata/status/643246845922250754
https://www.forbes.com/sites/thomasbrewster/2014/07/09/researcher-i-was-suspended-for-finding-flaws-in-fireeye-security-kit/?sh=6368bb336f77
Kind of surprised people still report vulns to FireEye after the other known incidents.
The text was updated successfully, but these errors were encountered: