Media coverage published in 2022

Data science and machine learning will fight cyber-attacks, says Vectra Networks: 2015 Tech Predictions

December 31, 2014

SiliconANGLE

Vectra VP of Marketing Mike Banic predicts data science and machine learning will become the focus of the fight on cyber-attacks, cyber security will get social, and new entrants will continue to disrupt the cyber security market.

Read more

New products of the week 12.22.2014

December 22, 2014

Network World

Our roundup of intriguing new products from companies such as Dell, CloudBerry and Vectra (See Slide 16).

Read more

Vectra X-series platform identifies threats in real-time

December 22, 2014

eWeek

Real-time cyber-attack detector Vectra Networks has introduced a real-time detection platform for insider and targeted threats.

Read more

Breach detection, Sony Entertainment and Vectra Networks

December 19, 2014

EMA Blogs

Working in information security for the past 20 years, I have seen a lot. Though there have been many multi-million dollar impact breaches, the recent Sony Pictures hack and subsequent data exposure and extortion is probably the most impactful to a company out of the previous breaches this year.

Read more

Vectra releases real-time threat detection platform to protect against targeted attacks

December 15, 2014

PCC Mobile Broadband

Vectra Networks has released an updated real-time detection platform – X-series platform – aimed for insider and targeted threats detection.

Read more

Put the insider threat in your sights

December 15, 2014

InfoTech

Regardless of how well we secure our assets from outside parties, we ultimately need to give access to our employees, contractors and partners in order for them to do their jobs. Misuse of this privileged access, whether through data theft or damage, is an unfortunate, yet inherent risk of doing business for most organizations.

Read more

Vectra launches real-time detection platform to curb insider threats

December 11, 2014

Homeland Security Today

Vectra Networks announced release of a real-time detection platform to protect organizations and government agencies from insider and target threats.

Read more

Vectra updates threat detection platform

December 10, 2014

SecurityWeek

The Vectra X-series platform is designed to detect sophisticated threats by using a combination of security research, data science and machine learning. According to the company, the product is capable of detecting attacks on all operating systems, applications and devices regardless of the method and location of the initial delivery.

Read more

Vectra launches real-time threat detection

December 10, 2014

The VAR Guy

Vectra Networks has released its updated X-series platform, the first real-time detection solution designed to discover insider and targeted threats. The new platform promises to help organizations gain instant visibility into potential threats by leveraging a combination of dynamic community threat analysis and real-time detection of cyberattacks.

Read more

Video: Tracking cyber threats from inside a company

December 10, 2014

Bloomberg TV's Taking Stock

CEO Hitesh Sheth tells Bloomberg TV's Pimm Fox how Community Threat Analysis dynamically creates a clear picture of typical network access through the entire corporate network, identifying anomalies and flagging unauthorized access to documents, data and intellectual property, making it an effective way of recognizing insider attacks.

Read more

Review: Vectra X-series prevents data breaches with AI

December 9, 2014

Enterprise Networking Planet

Frank Ohlhorst details how data breaches happen and what Vectra’s X-series security appliances can do to detect and prevent them.

Read more

An epic ride: A look back at the ever-changing information security industry

December 8, 2014

SC Magazine

“We've gone from an environment where people were essentially stationary with fixed computing assets to one where everything is porous and people are mobile and applications and data and information are all in the cloud,” says Hitesh Sheth, president and CEO for Vectra Networks.

Read more

Industry reactions to devastating Sony hack

December 5, 2014

SecurityWeek

The systems of entertainment giant Sony have been hacked once again, and although the full extent of the breach is not yet known, the incident will likely be added to the list of most damaging cyberattacks.

Read more

The inner workings of a targeted attack

December 1, 2014

TechRepublic

Vectra Networks' X-series of appliances combine advanced analytics with AI to identify threats in real time.

Read more

Vectra post-breach report reveals attacker habits

November 25, 2014

The VAR Guy

Ten percent of hosts experience at least one or more cyberattacks that bypass enterprise security perimeter defenses, according to a new study by security solution provider Vectra Networks.

Read more

NotCompatible mobile malware gets badder

November 21, 2014

LinuxInsider

The new "C" version of the NotCompatible malware that targets Android devices is very difficult to stop – but it's not that hard to avoid.

Read more

Survey roundup: False sense of security?

November 14, 2014

Wall Street Journal

A report by data security company Vectra Networks looks at how cybercriminals bypass perimeter defenses, andwhat they do inside a network once they have gained access.

Read more

Feedback Friday: Executives targeted in 'darkhotel' attacks

November 14, 2014

SecurityWeek

When it comes to the darkhotel issue and the fast-evolving threat landscape, "what the malware is doing" is more important than "what the malware is."

Read more

U.S. Postal Service employees, retirees, customers exposed in hack attack

November 11, 2014

Tech News World

There's speculation that China might be behind a months-long hack attack that breached USPS servers, compromising personal data of workers and customers.

Read more

What attackers do after a breach

November 6, 2014

ISS Source

An attack happens and he or she is able to squeeze by the perimeter defense; that is just the beginning for an assault on a network, a new report shows.

Read more

What attackers do after bypassing perimeter defenses

November 6, 2014

Help Net Security

Vectra Networks collected data over five months from more than 100,000 hosts within sample organizations to gain a deeper understanding of breaches that inevitably bypass perimeter defenses, and what attackers do once inside networks.

Read more

BYOD and other hazards

November 6, 2014

GARP

Mobile technologies can be a boon to productivity, but they also introduce cyber-security vulnerabilities that technologists and insurers are laboring to protect.

Read more

From malware to breach

November 6, 2014

Dark Reading

Got malware? More than likely you do, but don't panic: The bulk of infections can be traced to standard botnet activity like spamming and click-fraud rather than data theft, a new study of real-world breaches has found.

Read more

Study: Organizations assailed by cyber attacks, 15 percent are targeted

November 6, 2014

SC Magazine

Highly organized, sophisticated and successful cyber attacks continue to assail organizations and while most are opportunistic, a higher than expected percentage are targeted, according to results from a recent study.

Read more

Vectra report reveals what attackers do once they bypass perimeter defenses

November 5, 2014

InfoTech

This is the first report, using real-world data from the Vectra X-series platforms currently in production networks, that reveals what attackers do within a network once they evade perimeter defenses.

Read more

Branch offices are more than a remote risk to network security

November 13, 2015

Computer Technology Review

While remote offices, clinics, bank branches and retail locations are critical to business success, they often lack the same security protections found at the headquarters or data center locations.

Text Link

Vectra is among 16 technology innovators at SINET

November 13, 2015

Ulitzer

The capstone event of SINET is its yearly innovation showcase in Washington, D.C., the last of which was held Nov. 3-4. The showcase brought together innovative solutions from 16 firms, including Vectra, selected by a collective of seasoned judges.

Text Link

Can we protect data without prying?

November 11, 2015

InfoSecurity

Are cybersecurity and privacy mutually exclusive, or is it possible to have both? Oliver Tavakoli, CTO of Vectra Networks, offers a quick analysis of the commercial solutions available from well-known cybersecurity suppliers to provide valuable insight.

Text Link

Cybersecurity students learn by hacking at RIT Collegiate Pentesting Competition

November 11, 2015

RIT University News

Rochester Institute of Technology is already planning its second Collegiate Pentesting Competition after the success of its first annual event held Nov. 7–8 in Rochester, N.Y. Teams from nine regional universities faced-off at RIT as they broke into computer networks, evaluated their weak points and presented plans to better secure them.

Text Link

Vectra sponsors collegiate competition to battle cyber threats

November 3, 2015

PRWeb

A new competition at Rochester Institute of Technology allows students to attack the problem of cyber security from a different perspective. Instead of defending themselves against attackers, as other cyber threat competitions do, these students create a full-fledged plan of attack and launch it against a network.

Text Link

TalkTalk reveals extent of data hack, second teen arrested

October 30, 2015

Energy & Technology Magazine

Two teens arrested after being implicated in the attack on internet service provider TalkTalk in which 1.2 million customer details were stolen last week.

Text Link

Putting on the cyber shift: How to adapt to advanced strategies

October 28, 2015

infoTECH Spotlight

Cyber attackers are moving laterally inside networks and using hidden tunnels of encrypted traffic to get around. The encrypted traffic that protects data within modern applications – such as SharePoint, Exchange, Salesforce.com, and Google Apps – creates a blind spot that can be exploited by advanced threats and malware.

Text Link

Breach analytics: The next billion-dollar investment opportunity

October 24, 2015

VentureBeat

Vectra takes the network analytics approach, proposing to weave together data via machine learning to surface anomalous behaviors and even anticipate an attacker’s next move.

Text Link

Expert comment: TalkTalk cyber breach

October 23, 2015

IDG Connect

For the third time, UK telecoms provider TalkTalk has fallen victim to a cyber-breach and there could be as many as four million customers affected.

Text Link

TalkTalk receives ransom demand following website hack

October 23, 2015

Wall Street Journal

TalkTalk Telecom Group PLC said Friday it has received a ransom demand from someone claiming responsibility for a criminal hack of its website that could have resulted in the theft of data from its database.

Text Link

Cyber security experts react to TalkTalk breach

October 23, 2015

Threat Intelligence Times

In the wake of news that TalkTalk have suffered their third serious data breach in a year, industry experts have lined up to express concern at the company’s blasé attitude toward cyber security.

Text Link

Oil and gas industry must face the challenges of cyber safety

October 18, 2015

Houston Chronicle

Cyber threats to the oil and gas industry infrastructure are potentially more serious than the breaches where hackers capitalize on stolen personal, health care or financial information. Nation states and foreign businesses have motivations to carry out cyber attacks with potentially crippling global consequences.

Text Link

EC3 in cooperative action to target Dridex banking malware

October 14, 2015

SC Magazine

EC3, NCA, FBI and a range of other bodies have targeted the Dridex banking malware, including using a sinkhole operation to sever communications between infected botnets and their controlling cyber-criminals.

Text Link

Vectra Networks comments on Dridex malware threat

October 14, 2015

Security News Desk

The National Crime Agency has issued a warning that a new version of the Dridex malware is targeting the UK, with £20 million having already been purported stolen by this attack.

Text Link

Taking stock: Ranking the next bllion-dollar cybersecurity markets

October 14, 2015

RSA Conference

Venky Ganesan, managing director at Menlo Ventures, writes, “I believe there will be significant winners…notably those that reduce false positives and prioritize workflows for better incident response and remediation. Among the early leaders are companies such as Exabeam, LightCyber, Securonix and Vectra Networks."

Text Link

Barry University gets smart about cyber security

October 14, 2015

Baseline

The university turns to Vectra for a real-time cyber-attack detection system that uses data science, machine learning and behavioral analysis to detect attacks in progress.

Text Link

Adobe patches many flaws in Flash Player, Acrobat, Reader

October 13, 2015

SecurityWeek

Updates released on Tuesday by Adobe for Flash Player, Reader and Acrobat address a significant number of vulnerabilities that expose the users of these products to hacker attacks. The work of experts from Vectra Networks has been acknowledged in finding and reporting vulnerabilities.

Text Link

Jackson Health System to present cyber attack prevention at ITxpo

October 2, 2015

mHealth Times

Vectra customer Jackson Health System will speak at the Gartner Symposium/ITxpo 2015 event next week. Jackson Health System CISO Connie Barrera will present “Protecting Health Organizations from Cyber Attacks” on Oct. 6 at 3:50 p.m. EDT in the Europe 8 Conference Room of the Walt Disney World Dolphin hotel in Orlando, Florida.

Text Link

SINET names Vectra a top cybersecurity innovator

October 1, 2015

Business Wire

SINET, an organization focused on advancing cybersecurity innovation through public and private sector collaboration, today announced the winners of its annual SINET 16 Innovator competition, including Vectra Networks.

Text Link

Vectra raises $35 million in sizzling cyber security investment market

September 30, 2015

Silicon Valley Business Journal

Vectra Networks raised $35 million in equity funding on Tuesday. DAG Ventures led the round with participation from all existing investors including Khosla Ventures, Accel Ventures, IA Ventures, AME Cloud Ventures, Intel Capital and Juniper Networks.

Text Link

Barry University adopts anti-cyber attack measures

September 29, 2015

Campus Technology

Barry University, a 9,000-student Catholic university in Miami, has signed Vectra Networks to protect its data and networks from cyber attacks.

Text Link

Value-added distributor Cloud Distribution teams up with Vectra in the UK

September 29, 2015

Channel Pro

Distributor Cloud Distribution has reached an agreement with Vectra Networks to provide the vendor’s security products to the channel. Cloud Distribution says it will help grow the Silicon Valley firm’s presence in the UK and forge relationships with new partners to drive revenue growth.

Text Link

Vectra signs Cloud Distribution as a value-added distributor in the UK

September 29, 2015

CRN

Cloud Distribution has inked a deal with cybersecurity vendor Vectra Networks as the US player launches in the UK.

Text Link

The unintended attack surface of the Internet of things

September 29, 2015

Dark Reading

While consumer Wi-Fi products may seem like an odd choice for intensive threat research, Vectra Threat Labs found that vulnerabilities in consumer and Internet of Things gear can end up having a much larger impact on enterprise security than you might think.

Text Link

Barry University stops cyber attack in progress with Vectra

September 29, 2015

CIO Today

Barry University has selected Vectra to protect its high-value data Relevant Products/Services as advanced persistent attacks (APTs) surge. Vectra’s automated threat management solution enables the university to detect cyber attacks as they are happening – automatically and in real time.

Text Link

Was CFOs aus Hackerangriffen lernen können

December 29, 2016

Finance Magazine

Erfolgreiche Cyberattacken auf Konzerne häufen sich. CFOs sollten daher genau überlegen, ob sie bei Investitionen in die IT-Sicherheit auf die Bremse treten. Denn Einsparungen an der falschen Stelle können den wirtschaftlichen Erfolg eines Unternehmens schnell gefährden. Hitesh Sheth, CEO bei Vectra Networks erklärt in FINANCE, warum vor allem immer öfter firmeneigene Rechenzentren Ziel von Hackerangriffen werden.

Text Link

How artificial intelligence will solve the security skills shortage

December 28, 2016

Dark Reading

The infosec world is embracing artificial intelligence and the seismic changes it will bring to threat detection and mitigation, Vectra CSO Günter Ollmann writes in Dark Reading. As networks become more sophisticated, generate more data, and are exposed to advanced threats, AI and the automation it empowers are the cure.

Text Link

The truth is, the Yahoo! data breach is not the exception

December 28, 2016

Bloomberg Radio

The magnitude of the Yahoo! data breach – more than 1 billion user accounts compromised – is by far the largest that has ever occurred. But Yahoo! is not the exception. Routers, switches and servers in the vast majority of data centers where customer account information is kept are largely unprotected and highly vulnerable to cyber attacks.

Text Link

Video: Cybersecurity woes in the U.S.

December 22, 2016

CNBC

The incoming U.S. administration would be well advised to take the recent Democratic and Republican National Committee hacks seriously, Vectra CEO Hitesh Sheth tells CNBC. "We can safely assume that nation-state actors will continue their efforts to affect U.S. economic interests as well as our democratic and political processes."

Text Link

What the infosec jobs sector will look like in 2017

December 22, 2016

CSO

Vectra CSO Gunter Ollmann says that experienced infosec employees are twice as valuable to the global market, demanding higher pay and improved roles. To retain them, organizations are offering “senior” titles and accompanying pay hikes. Meanwhile, the skills and job tasks between “junior” and “senior” remain unfulfilled.

Text Link

Insurance claims for data breaches are on the rise

December 21, 2016

Information Security Buzz

On news that data breach insurance claims are being made at a rate of over one a day, Matt Walmsley, Vectra EMEA director, says “By automating detection using the very latest self-learning security tools, and with it the response to an incident based on early indicators, many attacks can be nipped in the bud before they become costly incidents.”

Text Link

Encrypt everthing. Don't let security be the reason you don't (and attackers do)

December 20, 2016

IT Security Guru

Chris Morales, head of security analytics at Vectra, says encrypted network traffic is having an impact on security that relies on deep packet inspection, whose efficacy degrades as more traffic is encrypted. Even worse, traditional security responses to handling encrypted traffic will suffer due to certificate and public key pinning built into applications.

Text Link

Data breach claims are made at a rate of more than one a day

December 20, 2016

Claims Magazine

Matt Walmsley, EMEA director at Vectra , says that a rise in claims for digital theft and intrusions was taking place amid growing nation state-driven cyber crimes and the looming risk posed by GDPR compliance requirements and punitive fines. There is also growth in corporate cyber extortion using ransomware and malware.

Text Link

Remain paranoid, err vigilant, with online security in 2017

December 20, 2016

CSO

There are a lot more tools necessary and available to combat the cyber threat, at the edge, at the endpoint and in between. “It is important to identify, develop and train associates who are motivated cyber warriors, and it is an ongoing process, due to the velocity of change," says Joe Duffey, CISO at Natixis Global Asset Management.

Text Link

Cybersecurity predictions

December 19, 2016

Information Security Buzz

Hitesh Sheth, CEO at Vectra, outlines his top cybersecurity predictions for 2017. Attacks on the U.S will increase during Drumpf’s administration, new forms of ransomware will become a big headache for security response teams, data center attacks will increase, and firewall vulnerabilities will continue to be ignored.

Text Link

What 2017 has in store for cybersecurity

December 19, 2016

CSO

Chris Morales, head of security analytics at Vectra, tells CSO that critical firewall vulnerabilities will continue to be ignored in 2017. According to the Shadow Server website, there are still more than 816,000 Cisco firewalls connected to the Internet that are vulnerable, undermining the inherent trust placed in firewalls.

Text Link

AI: Revolutionizing the information security industry

December 19, 2016

SC Media

Günter Ollmann, CSO at Vectra, explores how the information security industry is starved of experienced security workers and how it is proving detrimental to its advancement and exposing IT systems and Internet businesses to criminality and ransom. In the next 25 years, AI defense systems will unleash unimaginable ways to combat cyber threats.

Text Link

InfoSec skills shorage: The No. 1 threat to Internet security

December 17, 2016

Information Security Buzz

It is estimated that today there are over 1 million InfoSec positions unfilled – growing to over 1.5 million by 2019 – and more than 200,000 of those vacancies are in the U.S. This global shortage of expertise and experience lies at the very heart of the InfoSec world’s ability to respond to cyber attacks – affecting vendors and consumers alike.

Text Link

Data center security – Is it safe?

December 15, 2016

Network Computing

Data centers are the main repository for digital assets and resources, and their high value makes them a target for attackers. But threats in the data center are relatively mature by the time they manifest. With more assets residing in data centers than ever before, how safe is it? Matt Walmsley, EMEA director at Vectra, explains.

Text Link

Device agnostic IoT security

December 15, 2016

Network Computing

With more unmanaged and seldom-updated devices connecting to our networks, behavior-based security is an essential line of defense. It ensures that unusual activity and volume are quickly identified and addressed, and this can be done regardless of the device being targeted. Matt Walmsley, EMEA director at Vectra, makes the case.

Text Link

Who's afraid of APT?

December 15, 2016

Computing Security

What can organizations who expect to be a target do about an APT? And how sure can anyone really be that they are ready to respond? Expecting the unexpected is a difficult task, says Matt Walmsley, EMEA director at Vectra, quite reasonably, although in terms of cyberattacks the truth is that prevention alone fails.

Text Link

Hackers may go holiday shopping online, too

December 15, 2016

Network World

Employees who reuse credentials or shop from their work computers are at risk, says Chris Morales, head of security analytics at Vectra. Fake Best Buy or Amazon promotional emails could be a phishing attack infecting computers with ransomware or exploits to initiate a targeted cyber attack, while everyone is supposed to be enjoying holiday cheer.

Text Link

US-Wahl 2016 und der Umgang mit Big Data

December 13, 2016

IT Sicherheit

Große Daten-und Datenwissenschaften können verschiedene Arten von Prognosen zu erstellen. Das Brexit-Referendum und die US-Wahlen von 2016 führten zu zwei Ergebnissen, die sich stark von den vorhergesagten Ergebnissen unterschieden. David Pegna, Leiter der Data Science bei Vectra, erklärt, was Cyber-Sicherheit aus den großen Datenfehlern lernen kann.

Text Link

Bigger walls won't keep data safe

December 6, 2016

TMCnet

For years, the security community focused on perimeter defenses, but ensuring all is well requires more than building a bigger wall. Hackers only need about 146 days to spy, spread and steal, according to Mike Banic, vice president of marketing at Vectra. And it only takes about three days for an attacker to gain administrative credentials.

Text Link

Where cybercriminals go to buy your stolen data

December 5, 2016

Dark Reading

Darknet website AlphaBay sells tens of thousands of items related to malware, exploits, hacked accounts, stolen credentials, and hacking services. Christopher Doman, a threat analyst at Vectra, talks about the AlphaBay market and forum and explains the various ways this information can be used for nefarious purposes.

Text Link

Evaluating AI-powered threat detection technologies

December 2, 2016

IT Security Guru

Unlike signature-based detection systems, today’s AI-powered security technologies are rarely suited to a plug-it-in-and-watch-it-light-up evaluation strategy. They often include a mix of supervised and unsupervised machine learning, automated threat hunting, trained classifiers, and focus on reducing erroneous and unactionable alerts.

Text Link

Compliance doesn’t equal security but it sure does help

November 29, 2016

SC Media

As more business decisions rely on big data analytics, cybercriminals have greater incentive to pollute the incoming data to alter decisions or make them predictable so they can be monetized, says Vectra CTO Oliver Tavakoli. This can cause a hedge fund to buy or sell a stock. “Criminals can make large sums of money front-running the transaction.”

Text Link

DHS hiring puts into question the cybersecurity skills shortage

November 23, 2016

SearchSecurity/TechTarget

"Everyone with a newly minted computer science degree is being encouraged to get into cybersecurity, as the lack of candidates is driving up salaries," says Vectra CSO Günter Ollmann. Although the U.S. Department of Homeland Security event "was pitched under the banner of cybersecurity, it is not clear what jobs were actually being filled."

Text Link

What will the next ransomware note say?

November 23, 2016

ITSPmagazine

In 2017, ransomware will be used with other techniques for blended attacks, says Vectra CSO Günter Ollmann. Despite ransomware detection improvements made in 2016, most organizations still do not have a sufficient offline backup strategy to restore files, whether the ransom is paid or the attacker provides the encryption key.

Text Link

Cybersecurity predictions for 2017

November 22, 2016

VMblog

Alex Waterman, senior director of product management at Vectra, predicts that cybercriminals will step up their efforts to use more vulnerable IoT devices to mount attacks and the tools published by the Shadow brokers hacking group will be used against the data center’s unprotected physical infrastructure.

Text Link

Podcast: An all-out AI war is imminent in 2018

December 29, 2017

Bloomberg

Vectra CEO Hitesh Sheth talks with Bloomberg Markets about the crucial role that artificial intelligence will play in detecting and responding to cyberattackers in 2018. It will be an AI war, with nation-state hackers and organized cybercriminals using their AI threat arsenal to attack organizations who use AI as a defensive weapon.

Text Link

Security burnout: Avoidable or inevitable?

December 22, 2017

BetaNews

AI is the inevitable next phase in cybersecurity. What is avoidable, however, is security burnout. By implementing key business and professional-growth programs – and augmenting the work of security analysts with AI – organizations can greatly reduce the security burnout rate while nurturing and developing future security analysts.

Text Link

Industry reactions to U.S. blaming North Korea for WannaCry

December 22, 2017

SecurityWeek

When WannaCry was first detected, we saw similarities in the code used for that ransomware attack with previous attacks attributed to North Korea, like the Sony hack. North Korea has been targeting banks directly with banking malware while using ransomware against other organizations to acquire a large volume of Bitcoin.

Text Link

Savoir ce qui se passe vraiment sur SI: casse-tête du RSSI

December 19, 2017

Informatique

AI propose désormais de plus en plus de fonctionnalités de sécurité, en commençant par la possibilité d'automatiser le traitement de ces volumes de données, alertes, gérables et intégrant des algorithmes d'apprentissage automatique détectant le comportement agresseur, explique Christophe Jolly, directeur France chez Vectra.

Text Link

Emerging Tech Hub: Vectra hunts partners for threat detection platform

December 19, 2017

CRN

Vectra is hunting for channel partners in the UK after trebling its revenue in Q3, says Matt Walmsley, head of EMEA marketing. Vectra revenue jumped 294 percent in the third quarter this year, which Walmsley said was driven by a need for enterprises to address the detection gap that allows cybercriminals to easily breach networks.

Text Link

How ready are you to stop an advanced attack?

December 19, 2017

CSO

In his latest installment in the CSO “Thinking Security” column, Vectra CTO Oliver Tavakoli explores the benefits of running red team exercises. Red team exercises enable organizations to understand how to respond when dealing with real-world advanced attacks and adapt to respond quickly to these threats.

Text Link

AI is changing security ops: What security analysts need to know

December 19, 2017

TechBeacon

The security operations center at Texas A&M serves 11 universities and seven state agencies. But with just seven full-time analysts and a risk-rich environment of 174,000 students and faculty, triaging security events was overwhelming, but with the help of Vectra Cognito, and it now takes 10-20 minutes to resolve an incident, on average.

Text Link

Nation-state attackers shut down industrial plant with new ICS malware

December 15, 2017

eSecurity Planet

"The IoT and IT/OT convergence is accelerated by the speed of business and the implementation of AI to drive decisions in ICS environments," says Chris Morales, Vectra head of security analytics. "In addition, more ICS devices are running commercial operating systems, exposing ICS systems to a wider swath of known vulnerabilities."

Text Link

Triton framework used in industrial control attacks

December 15, 2017

TechTarget

"To gain access to the industrial control systems, the threat actor infected an SIS engineering workstation on what is supposed to be an isolated network," says Chris Morales, Vectra head of security analytics. "An infected laptop can be brought in by a contractor, connect to the network and spread to the controlled ICS environment."

Text Link

Traffic to major tech firms rerouted to Russia

December 14, 2017

SecurityWeek

People who use Google, Apple, Facebook and Microsoft trust that their communication is secure because of the use of HTTPS, says Chris Morales, Vectra head of security analytics. But entities can manipulate the border gateway protocol to perform man-in-the-middle attacks and manipulate TLS/SSL encryption to eavesdrop on users.

Text Link

Researchers untangle Patchwork gang's cyberespionage attacks

December 13, 2017

SC Media

“The motivation of the attacker is always financial or competitive gain or theft of intellectual property,” says Chris Morales, Vectra head of security analytics. “The constantly changing landscape makes it nearly impossible to track cyberespionage organizations without a team of researchers focused on attribution.”

Text Link

Oops...some HP laptops shipped with hidden keylogger

December 13, 2017

TechNewsWorld

Keyloggers are an important weapon in the arsenal of cyberattackers, says Chris Morales, Vectra head of security analytics. "They're often used in the recon phase of targeted attacks to steal user credentials and other sensitive information that are used to compromise user accounts. Keyboard loggers are hard to spot with consumer anti-virus."

Text Link

2018 security predictions: More hacks from everywhere

December 12, 2017

DZone

"Data exfiltration from cloud-based storage will accelerate," says Vectra CTO Oliver Tavakoli. "This will occur at the cross-section of IaaS and PaaS. And organizations will often have no idea that their data has been stolen. Virtual forms of traditional security products will be powerless to contain this threat."

Text Link

HP fixes hidden, deactivated keylogger in 460 laptop models

December 11, 2017

SC Media

"Why would a hardware vendor install this kind of software on their computers?" asks Chris Morales, head of security analytics at Vectra. "The key logger was a software development or test tool that should have been removed before the code was released. Any attacker could easily monitor everything a user does on their system.”

Text Link

Bitcoin exchange NiceHash hacked as cryptocurrency hits new highs

December 7, 2017

eWeek

"This NiceHash attack is reminiscent of the Carbanak heist in which the sophisticated attackers used the bank's own tools to steal their money," said Chris Morales, head of security analytics at Vectra. Morales says the most important security controls monitor internal traffic for the misuse of administrative credentials and administrative protocols.

Text Link

Cyberthieves loot tens of millions in bitcoin from NiceHash cryptocurrency marketplace

December 7, 2017

SC Media

“If you are risk averse, transfer deposits made to your bitcoin wallet to a hard currency account with a bank,” says Matt Walmsley, Vectra EMEA director. However, he added, "Many exchanges may limit the amount you can transfer in one instance and you may not be able to empty your account, so buyers beware.”

Text Link

What is a botnet? And why they aren't going away anytime soon

December 6, 2017

CSO

"Consumers have no security controls to monitor botnet activity on their personal networks," Chris Morales, head of security analytics at Vectra, tells CSO magazine. "Security teams prioritize attacks targeting their own resources rather than attacks emanating from their network to external targets.”

Text Link

What will be the single biggest security threat of 2018?

December 5, 2017

IDG Connect

"Exfiltration of data from cloud-based storage will accelerate," says Matt Walmsley, Vectra EMEA director. "Infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) attacks will see massive tranches of data from organizations being taken from the cloud, without IT/security team even knowing."

Text Link

Künstliche Intelligenz für Cybersicherheit

December 4, 2017

Retail Technology

Die Coop-Gruppe nutzt die auf KI basierende Cognito-Plattform von Vectra zur Erkennung von Cyberbedrohungen. Mit 2.476 Filialen und mehr als 85.000 Mitarbeitern ist Coop einer der größten Einzel- und Großhändler in der Schweiz.

Text Link

Vectra ajoute du contexte avec le renseignement sur les menaces

December 1, 2017

LeMagIT

Cognito de Vectra utilise AI pour analyser le comportement des hôtes, puis s'appuie sur des algorithmes d'apprentissage automatique pour détecter les cyberattaques cachées dans les réseaux, notamment pendant les phases de reconnaissance interne, de mouvement latéral et d'extraction de données.

Text Link

Most UK Uber users and drivers caught up in data breach

November 30, 2017

SC Media

"We're now at a time where artificial intelligence needs to be introduced to identify and respond to threats automatically and in real-time, a task that humans alone are simply incapable of performing at adequate scale and speed," says Matt Walmsley, Vectra EMEA director.

Text Link

La machine auto-apprenante offre-t-elle une meilleure protection ?

November 30, 2017

Data News Magazine

“On ne consulte pas le contenu d'une boîte mail, mais le comportement du trafic sur un appareil et s'il s'agit ou non d'une tentative d'attaque," précise Chris Morales, responsable security analytics de Vectra. “On peut même constater des attaques sur un réseau crypté."

Text Link

Vectra ajoute l'intégration d'intelligence de menace et les détections d'attaque d'Active Directory

November 29, 2017

Global Security Mag

Vectra intègre l'intelligence des menaces et les flux d'indicateurs de compromis (IoC) dans sa plateforme Cognito. La plateforme détecte également les activités de découverte d'attaquants ciblant les services Active Directory via LDAP et Kerberos.

Text Link

Three lessons to learn from the Uber breach

November 24, 2017

eSecurity Planet

Chris Morales, head of security analytics at Vectra, notes that the challenge is that traditional security and methods for internal data centers don't have the same visibility in cloud environments. "Companies like Uber who rely on cloud infrastructure need a security strategy with processes and tools that provide visibility into cloud attacks."

Text Link

Uber data breach wrap-up: Experts’ opinions

November 23, 2017

Security Boulevard

"Normal security tools and methods built for internal data centers do not have the same visibility in cloud environments where your systems and data are sharing a neighborhood (the internet and cloud apps) with millions and millions of other people, both good and bad," says Chris Morales, Vectra head of security analytics.

Text Link

Back to the future for 2019

December 27, 2018

ITProPortal

"We will see an increase in the use of deep learning, such as recursive neural nets, that enable algorithms to continuously learn and evolve," says Chris Morales, head of security analytics at Vectra. "2019 will see deep learning become the best practice for detecting cyberattacks."

Text Link

AI und Cyber Security im kommenden Jahr

December 27, 2018

IT Daily

"Geopolitische Spannungen und Handelskriege werden das Wachstum der kommerziellen Cyberspionage vorantreiben," sagt Gerard Bauer, Vizepräsident der EMEA-Region von Vectra. "Diese Angriffe werden von vielen Opferunternehmen nicht erkannt, da sie keine versteckten Bedrohungen in Netzwerken erkennen können."

Text Link

Security holes at U.S. missile defense systems data centers shocks experts

December 21, 2018

Data Center Knowledge

The problem wasn't that the data centers lacked the authentication or encryption tools. "The controls existed but were not implemented and used equally and regularly," Chris Morales, head of security analytics at Vectra, says.

Text Link

Best security software: How 25 cutting-edge tools tackle today's threats

December 21, 2018

CSO

The Vectra Cognito platform incorporates artificial intelligence (AI), deep machine learning and traffic monitoring into a tool that is able to detect threats that other programs miss, even if they are already entrenched inside a protected network.

Text Link

Smartphones and the new cybersecurity threat

December 21, 2018

MHI Solutions

Chris Morales, head of security analytics at Vectra, says the biggest risk posed by mobile devices in a corporate network is malicious apps gaining access to enterprise data. Make sure mobile devices do not share network connectivity with critical infrastructure or systems with sensitive information.

Text Link

Emotet-Malware: Hohe Schäden in Unternehmensnetzen

December 21, 2018

Netzwerker News

Für Gérard Bauer, Vizepräsident von EMEA bei Vectra, zeigt der Erfolg alter Malware eines der grundlegenden Probleme vieler IT-Sicherheitslösungen, die immer noch auf klassischen Cybersecurity-Konzepten beruhen.

Text Link

Alphabet's VirusTotal: A security solution for your small business?

December 18, 2018

Business News Daily

"VirusTotal provides value only if you have the necessary staff to extract value from it," says Oliver Tavakoli, chief technology officer at Vectra. "This is reflective of the fact that the VirusTotal data repository is of most value to large and expert IT security teams."

Text Link

Cyberattacke auf Marriott-Hotelkette politisch motiviert?

December 17, 2018

IT Business

"Dieser Cyberangriff ist eine Form der Spionage von Nationalstaaten", sagt Gerard Bauer, Vizepräsident von EMEA bei Vectra. "Der einzige Unterschied ist jetzt, dass es im Cyberspace passiert, anstatt in ein Gebäude einzubrechen und physische Dokumente zu stehlen."

Text Link

As manufacturing moves into cyberspace, so do security threats

December 13, 2018

Manufacturing.net

Vectra’s artificial intelligence-based platforms detected “a higher-than-normal rate of malicious internal reconnaissance behaviors” from attackers inside of manufacturers’ systems and that this “indicates that attackers are mapping-out manufacturing networks in search of critical assets to steal or damage.”

Text Link

China suspected of massive Marriott data breach

December 13, 2018

Security Now

"Hacks are getting bigger because the volume of data generated on the Internet every single day is so large," says Chris Morales, head of security analytics at Vectra. "Just like a user employs a search engine to get information, a cyber spy will search massive online databases for information."

Text Link

Former Equifax CEO blamed for 'entirely preventable' data breach

December 11, 2018

IT Pro

"Prevention will never be 100%," says Chris Morales, head of security analytics at Vectra. "That is unrealistic. The report states the breach was entirely preventable. I don't believe that is true. It is the same notion as building a wall would stop the drug trade. The criminal build tunnels instead."

Text Link

Clemson's cautionary cryptomining tale

December 11, 2018

HPCwire

“Cryptomining efforts are popular across higher education," according to a study published in March from Vectra. Vectra reported that 85% of cryptocurrency mining instances happened in higher education between August 2017 and January 2018, compared to just three percent in the technology sector.

Text Link

Damning report on Equifax security failures is a lesson for all enterprises

December 11, 2018

Computer Business Review

"We can improve our ability to detect and respond to breaches by looking for the type of behaviors an attacker performs," says Chris Morales, head of security analytics at Vectra. "The most critical threat behaviors should be correlated with compromised hosts in real time before they become a problem."

Text Link

Equifax breach was ‘entirely preventable,’ congressional report says

December 10, 2018

MarketWatch

“It is a classic ‘could have, should have’ scenario,” says Chris Morales, head of security analytics at Vectra. “As long as a motive exists, attackers will continuously attempt to compromise networks until they succeed. The failure comes down to people and process, not necessarily technology."

Text Link

Emotet-Malware verursacht schwere Schäden in Unternehmensnetzwerken

December 7, 2018

IT Daily

Für Gérard Bauer, Vizepräsident von EMEA bei Vectra, zeigt der Erfolg der "alten" Emotet-Malware eines der grundlegenden Probleme vieler IT-Sicherheitslösungen, die immer noch auf klassischen Cyber-Sicherheitskonzepten basieren.

Text Link

UK spy agency joins NSA in sharing zero-day disclosure process

December 6, 2018

SecurityWeek

"Zero days are saved for the most critical needs," says Chris Morales, head of security analytics at Vectra. Most attackers don’t like to waste this type of knowledge when they can simply convince a user to give them access to their system instead."

Text Link

The next big risk to your security is your child’s video-game habit

December 6, 2018

MarketWatch

“Gaming has always been an arena for hacking and attacks,” says Chris Morales, head of security analytics at Vectra. “In today's competitive and financially lucrative gaming world, that means bypassing developer controls to gain a competitive advantage or disrupt other players.”

Text Link

30 years ago, the Morris worm changed our view of cybersecurity

December 5, 2018

Verdict

“Enterprises are unable to spot worm reconnaissance and lateral movement behaviors," says Matt Walmsley, EMEA director at Vectra. "Security analysts can't operate at the speed and scale required to manually identify the threat and close down their lines of communication and movement."

Text Link

Marriott reconnaît une brèche affectant 500 millions de clients

December 3, 2018

LeMagIT

"Disposer de systèmes qui surveillent le comportement d'exfiltration plutôt que d'essayer d'inspecter les charges utiles de données peut être un moyen de relever ce défi," déclare Gregory Cardiet de Vectra. "La détection de ces comportements à un stade précoce est essentielle."

Text Link

Marriott: Quelles conséquences de la violation de données de 500 millions de clients?

December 3, 2018

Informatique News

"La réponse aux incidents prend trop de temps et, dans de nombreux cas, les équipes de sécurité tentent de comprendre ce qui s'est passé et comment l'empêcher de se reproduire plutôt que de détecter et d'intervenir tôt dans le cycle de l'attaque pour éviter le vol et les dommages," a déclaré Gregory Cardiet. un expert en cybersécurité chez Vectra.

Text Link

AI companies race to get upper hand in cybersecurity before hackers do

December 3, 2018

Investor's Business Daily

To detect cyberthreats, their AI software sifts through massive stores of computer network data. Wall Street analysts are eyeballing and a handful of other private firms. With AI tools, the new AI companies are taking customers away from cybersecurity industry incumbents, analysts say.

Text Link

500 Millionen Datensätze bei Marriott ausgecheckt

December 3, 2018

Manage IT

"Was die Datenschutzverletzung selbst anbelangt, war die Exfiltration der Daten innerhalb der Verschlüsselung möglicherweise ein Versuch, Sicherheitskontrollen wie Systeme zum Schutz vor Datenverlust zu umgehen", sagt Gerard Bauer, Vizepräsident der EMEA.

Text Link

Violation massive de données des clients Starwood

December 3, 2018

Solutions Numerique

"Les attaquants avancent lentement et par étapes pour obtenir des privilèges et adopter une variété de comportements avant d’accéder aux données souhaitées, de les exfiltrer," explique Gregory Cardiet, expert en cybersécurité chez Vectra. "La détection de ces comportements à un stade précoce est essentielle."

Text Link

500 millions de clients des hôtels Marriott piratés

December 3, 2018

Lemonde Informatique

"Si les dates sont vraies, entre la date de détection initiale ou le 8 septembre 2018 et la divulgation publique de la faute, l'exigence de notification GDPR de 72 heures était très loin d'être respectée," déclare Gregory Cardiet, expert en cybersécurité chez Vectra.

Text Link

Marriott Starwood data breach details: What was taken?

November 30, 2018

SecureWorld

Incident response continues to take too long as security teams try to figure out what happened and how do we stop it happening again, says Chris Morales, head of security analytics at Vectra. "It's important to spot and close down an attacker earlier in its lifecycle to minimize or stop a breach from occurring."

Text Link

Should you use a VPN for security? Experts weight in

December 29, 2019

Tech Nadu

“Think carefully about the VPN provider you use. Many of the free VPN providers are in the business of monetizing your personal data to pay for their services," says Chris Morales, the head of security analytics at Vectra.

Text Link

Digital Health’s review of 2019 part one: January to June

December 27, 2019

Digital Health Intelligence

A Vectra 2019 Spotlight Report on Healthcare found ransomware attacks are becoming less prevalent as cyber criminals look to new ways of attacking a system.

Text Link

Top 25 AI startups who raised the most money in 2019

December 23, 2019

Forbes

Vectra AI - Raised $100M from a Series E round on June 10th.

Text Link

Santa and the zero-trust model: A Christmas story

December 23, 2019

Dark Reading

How would the world's most generous elf operate in a world of zero-trust security? A group of cybersecurity experts lets us know.

Text Link

2019 Tech advances

December 20, 2019

SC Magazine

A zero-trust architecture fundamentally distrusts all entities in a network and does not allow any access to resources until an entity has been authenticated and authorized to use that specific resource, i.e. trusted.

Text Link

5 Security operations and analytics trends to watch in 2020

December 19, 2019

CSO Magazine

According to ESG research, 36% of organizations are actively integrating disparate security analytics and operations tools in pursuit of a more cohesive security technology architecture.

Text Link

The 10 biggest cybersecurity news stories of 2019

December 19, 2019

CRN

Vectra closed a $100 million round led by TCV, bringing the company’s overall haul to $222.5 million since being founded nine years ago.

Text Link

Cybersecurity: artificial intelligence will not (immediately) replace humans

December 19, 2019

Silicon.fr

The frantic pace at which the adoption of artificial intelligence (AI) has grown in recent years is starting to have transformative effects in many areas.

Text Link

Hidden tunnels

December 19, 2019

CXO Insight Middle East

Findings from the Vectra 2018 Security Spotlight Report on the financial service sector identified vulnerabilities posed to financial services organizations by attackers using hidden tunnels to surreptitiously access and steal data.

Text Link

Vectra’s EMEA director questions AI: Hype or reality for today’s challenges?

December 17, 2019

Information Age

AI is augmenting security analysts and also making a considerable contribution to bridging the cyber skills and resource gap by allowing less experienced analysts to enter the profession and achieve more, more quickly.

Text Link

Artificial intelligence as a weapon for hackers

December 16, 2019

Medium

Vectra’s Cognito platform uses AI to detect cyber attacks in real-time. Combining human intelligence, data science, and machine learning, Cognito automates tasks that are normally done by security analysts and greatly reduces the work that’s required to carry out threat investigations.

Text Link

2019's biggest Australian channel job moves

December 16, 2019

CRN Online

Network security vendor Vectra tapped former Telstra channel exec Dee Clinton as its Asia-Pacifc channel chief.

Text Link

Why humans remain at the core of good security operations

December 13, 2019

Tahawul Tech

The use of AI in cybersecurity not only expands the scope of what a single security expert is able to monitor, but importantly, it also enables the discovery of attacks that would have otherwise been undetectable by a human.

Text Link

Mergers and acquisitions: Cybersecurity risks

December 11, 2019

Forbes

In mergers and acquisitions, cyber risk management should not be confined to a paragraph of the contract announcing the devaluation of the company absorbed, if there is an attack.

Text Link

Ring camera hacker uses home security systems to spew racial slurs at Florida family

December 10, 2019

Newsweek

Matt Walmsley, a director at cybersecurity and artificial intelligence firm Vectra, told Newsweek password integrity "seems to be a significant factor in this disturbing case."

Text Link

New approach needed following DDoS attacks

December 8, 2019

Intelligent CIO Africa

Matt Walmsley, Head of EMEA Marketing at Vectra, says extortion is a well-established approach for cyber criminals and is used through tactics that include threatening denial of service, doxing, and ransomware.

Text Link

How commodities firm ED&F Man solved its threat detection challenges

December 6, 2019

Computer Weekly

After a minor server breach, leading commodities trader turned to Vectra’s Cognito service to expose hidden threats, spot privilege misuse, and conduct conclusive investigations.

Text Link

How can firms use Remote Desktop Protocol without leaving the door open for cybercriminals?

December 6, 2019

ITProPortal

Recent research conducted by Vectra sought to quantify the threat, finding that nine out of ten organizations have experienced some form of malicious RDP behavior.

Text Link

Vectra comments on the international crackdown of IM-RATs

December 2, 2019

Global Security Mag

‘Remote Access Trojans (RATs) are an insidious set of attacker tools that invade our systems, data and privacy. With so much legitimate remote access happening across our networks and hosts, there’s plenty of opportunity for RATs to operate undiscovered as they hide in plain sight.

Text Link

CISA pushing U.S. agencies to adopt vulnerability disclosure policies

December 2, 2019

Threatpost

“Public vulnerability disclosure should be a basic practice for every company, not just government agencies,” Chris Morales, head of security analytics at Vectra.

Text Link

ED&F Man uses AI to protect its network

November 30, 2019

CIO

The Cognito Privileged Access Analytics module has also been deployed to monitor the actions of privileged accounts.

Text Link

12 Black Friday scams to watch out for

November 27, 2019

TheStreet.com

If you've never heard of a third-party website, avoid signing up for it, said Chris Morales, head of security analytics at Vectra.

Text Link

Black Friday & cyber Monday security tips

November 27, 2019

KTVU Fox 2 News

KTVU's Alex Savidge spoke to Chris Morales, head of security analytics at San Jose based Vectra about online safety tips this holiday shopping season.

Text Link

How Essilor gains visibility on its network

November 27, 2019

Le Mag It

The eyeglass lens specialist decided to rely on Vectra's solution to gain global visibility into its information system, with a view to setting up a global security operational center.

Text Link

ED&F Man transforms threat detection and investigation

November 27, 2019

Digitalisation World

ED&F Man selected the Cognito network detection and response platform from Vectra to expose attackers hidden inside its network, spot privilege misuse and perform conclusive incident investigations.

Text Link

Kawasaki Heavy Industries, a Partner of Defense Companies and Agencies, Reports Breach

December 29, 2020

SC Magazine

Managing access control and data permissions is difficult without a proper understanding of the who, what, and where of data access models. To truly understand data flow and access, organizations need to observe privilege based on real world activity and assess the access that does occur. This would allow an organization to differentiate between what should and should not occur.

Text Link

Cyber Attack, Terrorism, Theft and Scams: Threats to Covid-19 Vaccines

December 23, 2020

Le Parisien

La France a mis en place un protocole sécuritaire très strict afin d’acheminer et stocker ces vaccins en France, alors que la menace qui plane sur ces antidotes au coronavirus est protéiforme.

Text Link

Critical Flaws Put Dell Wyse Thin Client Devices at Risk

December 22, 2020

Gov Info Security

Researchers at the security firm CyberMDX have uncovered two significant vulnerabilities in certain Dell Wyse thin client devices that, if exploited, could enable threat actors to remotely run malicious code and access files on affected devices.

Text Link

SolarWinds hack: Security experts weigh in on US cyber-attack

December 21, 2020

ITP.net

The SolarWinds hack, which is reportedly being link to Russia, is shaping up to be the biggest cyber-attack this year. The attack targeted the US government, its agencies and several other private companies. It was first discovered by cybersecurity firm FireEye, and since then more developments are being reported each day.

Text Link

Highly Skilled Hackers Breach US Agencies and Private Companies

December 18, 2020

Washington Examiner

United States officials have blamed Russian hackers for recent breaches at federal agencies, companies, and high-profile cybersecurity vendor FireEye, with the malicious activity appearing to come from highly skilled attackers. "Attackers could also set up automated workflows to consolidate all the activities and run them autonomously while quietly exfiltrating data," Vectra's Matt Walmsley shares.

Text Link

The 25 Best Cyber Security Books — Recommendations from the Experts

December 18, 2020

Hashed Out

While all of these things together sound like the makings of a best-selling fiction novel, the cyber security industry – and all of the threats and dangers that exist within it – is all too real. That’s one reason why cybersecurity books make for some pretty interesting reading both in terms of academics and entertainment. Hashed Out reached out to many IT and cyber security experts within the industry to inquire about their favorite books on cyber security and create a comprehensive list of the “best cyber security books.”

Text Link

Vectra and Baidam to offer cybersecurity scholarships for Indigenous peoples

December 18, 2020

Security Brief AU

Vectra AI has formed a new partnership with Baidam Solutions. This partnership provides First Nations’ people with scholarships, a full education and technical skills to combat the rise in cyberattacks against businesses, government and infrastructure.

Text Link

5 NDR Vendors to Watch in 2021

December 17, 2020

Solutions Review

Solutions Review’s NDR Vendors to Watch is an annual listing of solution providers we believe are worth monitoring. Companies are commonly included if they demonstrate a product roadmap aligning with our meta-analysis of the marketplace. Other criteria include recent and significant funding, talent acquisition, a disruptive or innovative new technology or product, or inclusion in a major analyst publication.

Text Link

The SolarWinds Perfect Storm: Default Password, Access Sales and More

December 16, 2020

Threatpost

A perfect storm may have come together to make SolarWinds such a successful attack vector for the global supply-chain cyberattack discovered this week. Researchers said that includes  its use of a default password (“SolarWinds123”) that gave attackers an open door into its software-updating mechanism; and, SolarWinds’ deep visibility into customer networks.

Text Link

SolarWinds Cyberattack Likely Affected Thousands Worldwide

December 16, 2020

Channel Futures

Vectra's Matt Walmsley comments on the recent SolarWinds breach, discussing how security teams need to drastically reduce the overall risk of a breach by gaining instant visibility and understanding of who and what is accessing data or changing configurations, regardless of how they are doing it, and from where.

Text Link

Cyber Experts Weigh-In on FireEye Breach, SolarWinds Supply Chain Attack

December 16, 2020

Enterprise Security Tech

The recent supply chain attack, which has affected around 18,000 SolarWinds Orion customers, is thought to have been executed by a sophisticated nation-state threat actor. Vectra's Matt Walmsley says that IT administrators and security teams have access to highly privileged credentials as part of their legitimate work. Attacking the digital supply chain of their software tools is an attempt to gain penetration and persistence right at the heart of their operations, gain privileged access and to provide springboard out across their digital hybrid-cloud enterprise.

Text Link

US Treasury, Commerce Departments Hacked

December 15, 2020

Silicon

A number of key US government departments have been hacked, with concern that the attack has allowed a foreign power to monitor American government communication.

Text Link

A Safe Return to Office May Mean Higher Burden for Companies to Collect, Protect Medical Data

December 15, 2020

SC Magazine

For many businesses, recovery from the pandemic fallout hinges in part on employees working safely and virus-free outside their homes. That leaves organizations facing the very real possibility that they will serve as both trackers and guardians of health data to ensure the safety of employees.

Text Link

Here Are the Critical Responses Required of All Businesses After SolarWinds Supply-Chain Hack

December 15, 2020

SC Magazine

SolarWinds estimates that between last March and June, roughly 18,000 user organizations downloaded updates of its Orion software that Russian APT actors allegedly corrupted with Sunburst backdoor malware. John Mancini, senior product manager at Vectra, said that a core point of the DHS’ guidance for remediating the SolarWinds hack is to analyze for any listed indicators of compromise and then “identify potential behaviors in metadata that may be related to the compromise.”

Text Link

Email Systems Breached at the US Treasury and Commerce Departments

December 14, 2020

Security Magazine

Hackers working on behalf a foreign government are believed to be behind a highly sophisticated attack into a range of key government networks, including in the Treasury and Commerce Departments, and other agencies. The hackers had free access to their email systems.

Text Link

Cybersecurity in 2021: 5 Trends Security Pros Need to Know

December 14, 2020

DICE News

With 2021 fast approaching, cybersecurity experts and analysts note that cybersecurity will continue to evolve even as most of the world enters a post-COVID-19 era, with cybercriminals, threat actors and nation-state hackers ready to take advantage of whatever may happen next. This will keep CISOs, their security teams, as well as their counterparts in IT, trying to catch up and stay ahead.

Text Link

18,000 Organizations Possibly Compromised in Massive Supply-Chain Cyberattack

December 14, 2020

Dark Reading

In what may well turn out to be one of the most significant supply-chain attacks in recent years, a likely nation-state backed group compromised systems at SolarWinds and inserted malware into updates of the company's widely used Orion network management products that were released between March and June 2020. Matt Walmsley, EMEA director at Vectra, says the attackers likely manipulated Security Assertion Mark-up Language (SAML) authentication tokens used in Single Sign On to try and escalate privileges in the early stages of the campaign.

Text Link

Hackers breach US agencies, Homeland Security a reported target

December 14, 2020

Digital Journal

The US Department of Homeland Security was the third federal department to be targeted in a major cyberattack, US media reported Monday, a day after Washington revealed the hack which may have been coordinated by a foreign government.

Text Link

Hackers breach US agencies, Homeland Security a reported target

December 14, 2020

The US Department of Homeland Security was the third federal department to be targeted in a major cyberattack, US media reported on Monday, a day after Washington revealed the hack which may have been coordinated by a foreign government.

Business Times

Text Link

Cyberespionnage des Agences US : comment les attaquants compromettent les comptes Microsoft 365 commente Vectra

December 14, 2020

Global Security Mag

L’Agence de cybersécurité et de sécurité des infrastructures (CISA) du gouvernement américain a publié une directive d’urgence appelant « toutes les agences fédérales américaines à examiner leurs réseaux à la recherche d’indicateurs de compromission et à déconnecter ou éteindre immédiatement les produits SolarWinds Orion ».

Text Link

Hackers breach US agencies, Homeland Security a reported target

December 14, 2020

The Daily Mail

SolarWinds over the weekend admitted that hackers had exploited a backdoor in an update of some of its software released between March and June. The hacks are part of a wider campaign that also hit major cybersecurity firm FireEye, which said its own defenses had been breached by sophisticated attackers who stole tools used to test customers' computer systems.

Text Link

The next big thing in security

December 13, 2020

Network Middle East

Oliver Tavakoli, our CTO, shares his thoughts on the upcoming cybersecurity trends to watch.

Text Link

How Worried Should I Be About My Password Being Compromised, Stolen In A Data Breach? Experts Say This

December 13, 2020

Forbes

After a major data breach, do criminals actually have your password even if it has been encrypted? Companies have various ways of encrypting passwords. There are also techniques called salting and hashing. The upshot is, the average user will not take the time to find out how the affected company does their encrypting—or hashing or salting for that matter.

Text Link

Why accelerated cloud adoption exposes organisations to security risk

December 11, 2020

RemoteWorkerTech Asia

Chris Fisher, Vectra's director of security engineering APJ, shares that as our reliance on technology grows exponentially, so does the need for robust cybersecurity to protect users and keep data and business operations safe from hackers.

Text Link

IoT Cybersecurity Improvement Act Signed Into Law

December 9, 2020

Security Magazine

The IoT Cybersecurity Improvement Act has been officially signed into law. The bipartisan legislation, sponsored by Reps. Robin Kelly, D-Ill., and Will Hurd, R-Texas, and Sens. Mark Warner, D-Va., and Cory Gardner, R-Colo., requires that any IoT device purchased with government money meet minimum security standards.

Text Link

7 of the Most Impactful Cybersecurity Incidents of 2021

December 23, 2021

Dark Reading

There was a lot to learn from breaches, vulnerabilities, and attacks this year.

Text Link

Attack Wipes 25 Years' Worth of Data from Local Electric Co.

December 7, 2021

Data Breach Today

A local electric cooperative serving western Colorado's Montrose and Delta counties, says a cyberattack first detected Nov. 7 has disabled billing systems and wiped out 20 to 25 years' worth of historic data.

Text Link

SolarWinds Attack: One Year Later, Cybersecurity Lessons for Pros

December 3, 2021

Dice

The world of cybersecurity changed for good on Dec. 13, 2020 as a result of the massive cyberattack on SolarWinds.

Text Link

2021 State of Security Podcast

November 30, 2021

Xenex

Experts give their take on the state of cybersecurity as we near the end of 2021.

Text Link

Bugcrowd Reports Ethical Hackers Prevented $27B in Cybercrime

November 17, 2021

Tech News World

Over the last year, ethical hackers have prevented more than US$27 billion in cybercrime, according to a report released Tuesday by a leading bug bounty platform.

Text Link

Most Ethical Hackers Identifying Vulnerabilities They Did Not See Before the Pandemic

November 16, 2021

SC Magazine

New research that found some 80% of ethical hackers have recently identified a vulnerability they had not encountered before the pandemic.

Text Link

SOC Modernisation: A Digital Labrador for Next-Level Cybersecurity

November 15, 2021

Security Review

Modern complexities of rogue devices, remote employees, and multi-cloud environments have brought previously unseen levels of unpredictability to the SOC.

Text Link

48% of Companies Plan to Migrate Half or More of Their Apps to the Cloud in 2022

November 8, 2021

SC Magazine

A report on cloud adoption found cloud usage among respondents has grown to 90%, while 48% say they plan to migrate half or more of their apps to the cloud in 2022.

Text Link

Top 5 AWS Misconfigurations That Led to Data Leaks in 2021

November 3, 2021

Toolbox

Here’s a look at the most disruptive security incidents associated with AWS misconfigurations and how businesses can prevent misconfigurations in the future.

Text Link

US State Department to Create Dedicated Cyber Office

October 28, 2021

Gov Info Security

The U.S. Department of State will create a Bureau of Cyberspace and Digital Policy, led by a Senate-confirmed ambassador-at-large, to advance its cybersecurity diplomacy efforts.

Text Link

Ransomware: Why These Attacks Continue to Cause Cyber Risk

October 27, 2021

Dice

Since taking office in January, the Biden administration has made cybersecurity one of its top priorities.

Text Link

SolarWinds Attackers Targeting Resellers, Service Providers: Microsoft

October 26, 2021

eSecurity Planet

The Russian-based cybercrime group responsible for the high-profile attack on software maker SolarWinds last year is continuing to take aim at the global supply chain, according to a warning issued by Microsoft this week.

Text Link

Ransomware's Evolution: 6 Key Trends to Watch

October 18, 2021

Tech Beacon

As security teams start to fight back, attackers have only become more sophisticated.  Here are six key trends that your security team should be tracking to ensure that your organization remains cyber resilient.

Text Link

Acer confirms new attack on servers

October 18, 2021

Tech Radar Pro

Acer has confirmed that its servers in Taiwan have also been breached, after hackers themselves shared details about the incident with privacy watchdogs, Privacy Affairs.

Text Link

30 Mins or Less: Rapid Attacks Extort Orgs Without Ransomware

October 13, 2021

Threatpost

The previously unknown SnapMC group exploits unpatched VPNs and webserver apps to breach systems and carry out quick-hit extortion in less time than it takes to order a pizza.

Text Link

Ransom Disclosure Act Would Require Victims to Disclose Ransom Payments Within 48 Hours

October 7, 2021

SECURITY Magazine

A new bill introduced would require ransomware victims to disclose ransom payments within 48 hours of payment — including the amount of ransom demanded and paid the type of currency used for payment of the ransom, and any known information about the entity demanding the ransom.

Text Link

Successfully Influencing Employee Security Behavior

October 1, 2021

Security Boulevard

A new report from Forrester Research indicates organizations should tread carefully between engagement, empathy and punishment because punishment has the tendency to reinforce employees’ negative perceptions and resentment of the security team.

Text Link

New Twist on DDoS Technique Poses Threat to CSP Networks

September 28, 2021

SC Magazine

No Internet-connected device appears to be safe from potentially being abused by a newly theorized form of distributed denial of service attack.

Text Link

Illinois Man Ran Business Telling Clients How to Launch Computer Attacks: DOJ

September 26, 2021

Fox Business

An Illinois man ran a successful computer takedown service until the feds stepped in.

Text Link

Why AI is a Critical Weapon in the War on Ransomware

September 24, 2021

AI Magazine

In the sprawling IT landscapes of today, artificial intelligence (AI) will play a decisive role in this war against ransomware, giving organizations the best chance to defeat motivated attackers.

Text Link

What Is the Difference Between Security and Resilience?

September 24, 2021

Dark Reading

Vectra Technical Director to the CTO Office, Tim Wade explains how Resilience shifts the focus toward eliminating the probable impact of the full attack chain.

Text Link

Use AI to beat the bad guys

September 21, 2021

BetaNews

Vectra CEO, Hitesh Sheth explains how AI is the greatest ally when it comes to creating a secure future. AI can learn the differences between normal and malicious activity — independently, without requiring human input.

Text Link

How Superloop Reduced False Positives with Behavioural Threat Detection

September 19, 2021

CSO Online

The security team at the Australian telco got its network detection response down from four hours down to one hour a day.

Text Link

Half of On-Prem Databases Contain Security Vulnerabilities

September 15, 2021

SECURITY Magazine

Organizations aren’t maintaining regular patching: With nearly half of all databases globally (46%) containing a vulnerability and the average number of Common Vulnerabilities and Exposures (CVEs) per database standing at 26, it’s clear that businesses are ignoring one of the basic tenets of data security which is to patch and update databases as soon and often as possible.

Text Link

Executives' Ransomware Concerns are High, Yet Few are Prepared for Attacks

September 14, 2021

SECURITY Magazine

One out of every two on-premises databases globally has at least one vulnerability, finds a new study.

Text Link

Cyber Conflict Overshadowed a Major Government Ransomware Alert

April 26, 2022

Dark Reading

The FBI warns that ransomware targets are no longer predictably the biggest, richest organizations, and that attackers have leveled up to victimize organizations of all sizes.

Text Link

Latest T-Mobile Data Breach Has Some Wondering ‘How Lapsus$ Got Access in the First Place’

April 22, 2022

Channel Futures

Security experts react following the latest T-Mobile Data Breach.

Text Link

Vectra Research Exposes Cybersecurity Health Crisis

April 7, 2022

Intelligent CISO

Vectra AI released a new Security Workforce report highlighting how mounting pressure on security professionals is creating a health crisis in cybersecurity.

Text Link

First Malware Targeting AWS Lambda Serverless Cloud Environment Discovered

April 6, 2022

SC Magazine

Researchers reported on the first publicly known case of malware specifically designed to execute in an AWS Lambda environment.

Text Link

Techniques for Ransomware Detection

March 25, 2022

CIO Insights

With ransomware being so prevalent, what should organizations be doing to detect it, mitigate its impact, and prevent any future attacks?

Text Link

FBI Warns of Cyberattacks Using AvosLocker Ransomware

March 21, 2022

TechRepublic

The AvosLocker Ransomware as a Service (RaaS) group has targeted critical infrastructure sectors in the US, such as financial services, manufacturing and government facilities, the FBI said.

Text Link

How To Avoid Getting Hacked

March 21, 2022

ABC 4 Utah

Aaron Turner, VP of SaaS Posture at Vectra sits down with ABC 4 Utah to explain how Vectra is able transfer the best cybersecurity knowledge to a company in a really repeatable way.

Text Link

Steve Cottrell, EMEA CTO at Vectra AI, on cyber threats

March 15, 2022

Technology Magazine

Steve Cottrell, EMEA Chief Technology Officer at Vectra AI, spoke to Technology magazine about how it helps businesses facing increasing cyber threats

Text Link

Hard Truths from Ukraine: The Government Cannot Save us in Cyberwar

March 15, 2022

BetaNews

Vectra CEO, Hitesh Sheth explains how no intelligence agency is certain how the cyber dimension of the Ukraine conflict will evolve.

Text Link

Tuckers Solicitors ICO Fine

March 11, 2022

Information Security Buzz

Steve Cottrell, EMEA CTO at Vectra AI, comments about the fine issued by the ICO to Tuckers Sollicitors.

Text Link

Only 16% of Organizations Have Comprehensive DevSecOps in Place

March 4, 2022

SC Magazine

A cloud security report found that only 16% of respondents have comprehensive DevSecOps in place, while some 37% are starting to incorporate some aspect of DevSecOps within their organizations.

Text Link

CRN: Coolest Network Security Companies of 2022

February 22, 2022

CRN

A look at 20 network security vendors offering everything from log filtering and encrypted traffic visibility to containerized firewalls and SD-WAN.

Text Link

Reacting with Confidence to a New Trojan Horse Cyber Threat

January 22, 2022

BetaNews

Vectra CEO, Hitesh Sheth explains how AI has become pervasive—and increasingly important to our quality of life while it's also making an impact on today’s cyber landscape.

Text Link

Defending Against Modern Ransomware Tactics

January 5, 2022

Security Boulevard

Ransomware gangs are continuing to evolve new tactics and techniques, and organizations need to be better prepared to defend against them in 2022.

Text Link