Datto has released a countermeasure scanning tool that helps MSPs to defend against hackers who may be using stolen FireEye Red Team penetration testing tools. Datto Chief Information Security Officer (CISO) Ryan Weeks disclosed the countermeasure scanner in a blog post.
In the blog, Weeks wrote:
"Datto has created a FireEye Red Team Countermeasure Scanner that leverages the FireEye published detection methods. MSPs can use the scanner to detect indicators that the stolen tools are being, or have been, used on managed systems."
The FireEye Red Team Countermeasure Scanner is available free to Datto RMM partners on the ComStore. Moreover, Datto has made available a script that can be used in conjunction with any RMM to help the larger community prevent and detect threat actors misusing these stolen tools, Weeks says.
