Thursday, September 17, 2015

ERNW found five software flaws in FireEye's Malware Protection System - And FireEye is upset about it?



FireEye sending Cease-and-Desist Notice?


From the Article:

The kerfuffle between FireEye and ERNW, a consultancy in Germany, started after an ERNW researcher found five software flaws in FireEye's Malware Protection System (MPS) earlier this year.


In a face-to-face meeting in Las Vegas on Aug. 5, Ray wrote that it appeared the two companies had reached a consensus on a draft of the disclosure document.

But about a day later, FireEye sent ERNW a cease-and-desist letter, which focused on the disclosure of the company's intellectual property, Rey wrote. The letter contended that no consensus had been reached between the parties the day before.

Before ERNW responded in writing, FireEye obtained an injunction on Aug. 13 from a district court in Hamburg


FireEye issued a notification describing the vulnerabilities, which it patched some time ago, on Sept. 8. Although it is customary to include a timeline from when a vendor is notified to when patches were issued, FireEye's notice doesn't contain one.




Form More Info
http://www.pcworld.com/article/2983144/fireeye-takes-security-firm-to-court-over-vulnerability-disclosure.html

No comments:

Post a Comment