On November 1st 2022, after teasing the main show the week before, OpenSSL released their advisory describing two risks to OpenSSL 3.0.0 - 3.0.6. This was originally teased as a Critical-level alert, which would have been the first Critical since 2015; however, it was downgraded to High owing to what OpenSSL describe as "mitigating factors".
Luke Richards
Threat Intelligence Lead
Luke is the Threat Intel Lead for Vectra. He has been with the company for 4 years, joining as a consultant analyst and working directly with customers and on high-level incident response. Before joining Vectra, Luke was a senior Security Analyst for an international Engineering and Defence contractor where he developed SOC toolsets, processes and incident response playbooks.
Posts from Luke Richards

What If there was a Supply Chain Compromise of an IDP? The recent security incident at Okta represents yet another perspective on supply chain compromises. This blog provides perspective on the current situation and mitigation and defense strategies to manage such an event.
Updated perspective on cyberthreats as a result of ongoing Ukrainian/Russian conflict, including specific custom recall queries, and aggregation of common Russian state actor TTPs.
Vectra customers should be aware that current global events related to Russian recognition of separatist regions of the Ukraine carry with them the risk of increased cyber activity conducted by Russian state-level actors. This includes evidence that the FSB, the main Intelligence Organization in Russia, is responsible for the DDoS against Ukrainian systems in February 2022.
A few days after the Log4Shell vulnerability was discovered, we now have more observations about how the exploit is being leveraged. Here's what we know, today.
A new 0day was discovered in the log4j application on December 10, 2021. This vulnerability impacts a widely used logging solution spanning an incredibly large attack surface.
A new remote code execution vulnerability in Windows Print Spooler, now known as CVE-2021-1675, or PrintNightmare, can be exploited by attackers to take control of affected systems. Find out how to detect and stop this exploit with Vectra.
Discover what you need to know about the SolarWinds Orion compromise, how it unfolded and why monitoring users in the cloud is imperative to protect your enterprise.
Most sessions on the internet today are encrypted. By any measure, more than half of all internet traffic uses TLS to encrypt client/server communication.