SASE can save your company a lot of money. Use the industry’s-first SASE ROI calculator to quantify the cost savings you can achieve in services, asset consolidation, and labor when deploying Versa SASE.
SASE can save your company a lot of money. Use the industry’s-first SASE ROI calculator to quantify the cost savings you can achieve in services, asset consolidation, and labor when deploying Versa SASE.
A large, publicly traded energy company operating in all areas of the oil and gas industry has dramatically simplified their network stack and realized huge cost savings with Versa SASE.
EMA evaluates the different SASE vendors and their approaches to architecture, go-to-market, and support for their cloud-delivered and hybrid services.
Gartner Magic Quadrant report analyzes the various vendors in the WAN edge market and Versa is positioned as a Leader.
Learn about the Versa Secure SD-WAN solution in a high-level, one minute overview.
SASE is the simplest, most scalable way to continuously secure and connect the millions points of access in and out of the corporate resources regardless of location.
Versa Secure SD-WAN is a single software platform that offers multi-layered security and enables multi-cloud connectivity for Enterprises.
Versa Security Lab recently analyzed couple of malware samples which arrives on a computer through phishing emails containing documents with embedded link which eventually leads to the download of the malware. Some of these may arrive through websites pretending to provide information on the recent Corona virus outbreak. The past few months have seen several malicious webservers and domains being set up, purportedly serving information on the Covid-19 virus outbreak. Most of these sites are hosts to ransomware and other malware types. In this blog we are going to look at one sample which encrypts files contents and updates the…
Universal Plug-n-Play – (UPnP) is a suite of protocols that enables a device to discover other devices on a network, configure itself to operate in the network, and advertise its services. This allows a device to locate routers, printers and other resources on a network. UPnP runs on UDP port 1900 and communicates using SOAP messages over HTTP. The actual configuration and management interface are implemented using a SOAP-based HTTP service running over a dynamically allocated TCP port. The UPnP protocol allows management of aspects of a device’s operation to extend support by the protocol implementation on the device and its…
The recent surge in cryptomining is providing cyber criminals with more vectors to attack, at the expense of legitimate users. This year has seen a huge increase in the deployment of numerous malwares, with cryptominers as primary or secondary payloads. Cryptominers are becoming easy targets, that allow attackers to go a step further to disguise themselves as the miner in the form of a flash update. Palo Alto Networks reported a list of collected samples, some dating back to August 2018[1]. The author further adds that installers from the Adobe website were legitimate, and the malicious ones were mostly Windows…
Lateral Movement Definition: Lateral movement is a technique used by cyber attackers to infiltrate and move through a network with the intent of obtaining secure data. The Cause The term “Lateral Movement” has been around for a little over four years and was in the news when ransomware like WannaCry and APT’s like APT28 and APT29 used lateral movement techniques. Most often an attacker may not have direct access to a machine or resource on the internal network, which the attacker considers a prized trophy. The prized trophy may be the domain controller, a machine hosting confidential information, or the…
Ransomware is a form of malicious software that latches onto a system and encrypts the files within it, making them inaccessible to the user. The attackers behind this malicious activity typically demand payment in terms of currency (crypto or cash) in return for the keys to decrypt the files. A recent ransomware which has become viral since January 2018 is named GandCrab. This ransomware is believed to be distributed as a Ransomware-as-a-Service [2,3]. GandCrab initially differentiated from other ransomware by demanding a ransom in DASH [7] cryptocurrency. The developers behind GandCrab have been continuously updating and releasing improved versions, with…
Fin7 is a cybercrime group that employs spear phishing attacks to deliver malware that uses fileless malware techniques, sophisticated evasions and persistence. They mostly target the financial sector. In this blog, we are going to take a high-level look at one such sample seen in the wild, which employs several layers of obfuscated JScript, powershell and DLL embedded within a Microsoft Word document. The sample analyzed has the MD5 hash 29a3666cee0762fcd731fa663ebc0011. Through a series of deeply embedded base64 encoded scripts, obfuscated code and use of powershell, this strain achieves stealth and evasion. The document arrives as an email attachment in…
Several Security Vulnerability have been patched in recently in Apache Tomcat. The list of fixed flaws recently addressed also included code execution vulnerabilities. Apache Tomcat is the most widely used web application server, with over one million downloads per month and over 70% penetration in the enterprise datacenter. The Apache Tomcat development team publicly disclosed the presence of a remote code execution vulnerability, tracked as CVE-2017-12617, affecting the popular web application server. The Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 are affected. The vulnerability is classified as “important” severity, has been…
Apache’s gaps has been in news for quite a while, and this has led to the massive milestone of Equifax being compromised to the tune of 143 million records. This has been a difficult year for Apache, with so many vulnerabilities being reported. Refer to the link for a list of Apache vulnerabilities reported in 2017. Though previous years also accounted for large chunks of Apache vulnerability, this year it has been in news for two particular vulnerabilities, CVE-2017-5638 (which led to the compromise of user data through the Equifax breach) and CVE-2017-9805 (due to the fact that the public…
