Blogs

Cyber attack of the clones

Posted by Chris Morales on Nov 27, 2016 12:00:00 PM

In previous research from the Vectra Threat Labs, we learned that seemingly innocuous vulnerabilities can become serious problems in the context of the Internet of Things (IoT). IoT is the unattended attack surface, and more IoT devices means bigger clone armies.

 

The recent public release of source code for malware named "Mirai" has proven exactly that. Mirai continuously scans the Internet for IoT devices using factory default usernames and passwords, primarily CCTV and DVRs.

Read More »

Topics: Vulnerabilities, IoT


Vectra Threat Labs discovers vulnerabilities in Adobe Reader and Internet Explorer

Posted by Vectra Threat Labs on Oct 14, 2015 9:17:00 AM

adobe_vuln1

Today, Vectra researchers were again credited with discovering critical vulnerabilities that impact the security of Adobe Reader, VBScript, and Internet Explorer.

Read More »

Topics: Vulnerabilities


The Impact of IoT on Your Attack Surface

Posted by Wade Williamson on Sep 29, 2015 8:12:00 AM

Researchers from Vectra Threat Labs recently performed an in-depth analysis of vulnerabilities found in a common Belkin wireless repeater. Today in an article on Dark Reading, Vectra CTO Oliver Tavakoli digs into why seemingly innocuous vulnerabilities can become serious problems in the context of the Internet of Things (IoT). Read the full article here.

Of particular importance to security teams, IoT is not only bringing far more devices into the network, but they are also devices that very rarely get patches and updates. This means that vulnerabilities can be left unaddressed for months or even years.  Likewise, these devices are unlikely to be protected by signatures and will almost assuredly be unable to run client-based security.

Read More »

Topics: Vulnerabilities, IoT


Microsoft Internet Explorer 11 Zero-day

Posted by Vectra Threat Labs on Jul 14, 2015 10:35:00 AM


Summary

On July 6th, information spread that the Italian company known as the Hacking Team were themselves the victims of a cyber attack. In the aftermath of this leak, Vectra researchers have analyzed the leaked data, and identified a previously unknown vulnerability in Internet Explorer 11 that impacts a fully patched IE 11 on both Windows 7 and Windows 8.1.

The hunt for the vulnerability began when we noticed an email from an external researcher who attempted to sell a proof-of-concept exploit to Hacking Team. The email was sent on 02/06/2015 and described an exploitable use-after-free bug in Internet Explorer 11. While Hacking Team ultimately declined to buy the PoC exploit, the email gave enough information for Vectra researchers to find and analyze the vulnerability.

While Hacking Team declined to purchase the PoC exploit, there is a chance the researcher went elsewhere to sell it, meaning that it may have been exploited in the wild.

Read More »

Topics: Vulnerabilities