Open attritionorg opened 3 years ago
I can already see this one:
| 2014-07-09 | FireEye | Jean-Marie Bourbon | Security flaws in FireEye's Malware Analysis System | According to Forbes, after sending details of the vulnerabilities to be posted on Exploit-DB, Bourbon was suspended from his day job, due to pressure from FireEye who has denied involvement. Ultimately, FireEye patched the issues, released an advisory, and credited Bourbon. |
There are two FireEye incidents already. In the HTML comments I have had this for a while and tried to get more details on Twitter:
https://twitter.com/RazorEQX/status/642124276573859841 I came under fire from [FireEye] just over a year ago for disclosing a bug they didn.t seem important to fix. https://twitter.com/RazorEQX/status/642125189904470016 Let me talk to the attorney that defended me. I lost a job over it.
Here's where I asked if it was one of the incidents: https://twitter.com/securityerrata/status/643246845922250754 https://www.forbes.com/sites/thomasbrewster/2014/07/09/researcher-i-was-suspended-for-finding-flaws-in-fireeye-security-kit/?sh=6368bb336f77
Kind of surprised people still report vulns to FireEye after the other known incidents.