Full-featured SD-WAN Solution Deep Dive

Learn about the capabilities you should expect to find in a full-featured SD-WAN design and how these features operate within the larger Secure SD-WAN architecture.

SD-WAN Growth Report 2020

Futuriom outlines the market trends for SD-WAN in their June 2020 report and provides their predictions for growth and change in the space.

Versa Redefines McLarens F1 Speed Strategy

NTT Communications and Versa Networks provide McLaren with reliability, security, stability, and flexible management of their data traffic flows so they can set up a secure, optimized network connectivity in preparation of race weekend.

 
Versa Secure SD-WAN – Simple, Secure, and Reliable Branch to Multi-Cloud Connectivity

Versa Secure SD-WAN is a single software platform that offers multi-layered security and enables multi-cloud connectivity for Enterprises.

 
Gartner Magic Quadrant for WAN Edge Infrastructure, 2020

Gartner 2020 Magic Quadrant report analyzes the various vendors in the WAN edge market and Versa is positioned as a Leader.

Versa Networks - Explained in 1 minute

Learn about the Versa Secure SD-WAN solution in a high-level, one minute overview.

 
Versa Secure SD-WAN – Simple, Secure, and Reliable Branch to Multi-Cloud Connectivity

Versa Secure SD-WAN is a single software platform that offers multi-layered security and enables multi-cloud connectivity for Enterprises.

The Secure SD-WAN Blog

Posts tagged ‘Malware’

Research Lab

Unpacking the SolarWinds Supply Chain Attack

jayesh-gangadas
By Jayesh Gangadas Patel
Senior Threat Analyst, Versa Networks
January 12, 2021

The SolarWinds attack leaves many unanswered questions and the most prominent amongst them is the question of how the attacker entered internal systems of SolarWinds network and was able to infiltrate and move inconspicuously across the development chain. The malware was able to camouflage its activity among the highly secure network of the prominent organization for an extended period of time, evading all their security detection and prevention defenses. In this particular blog, our team will mainly focus on the chain of events that occurred, and the evasive methods employed to remain completely stealthy despite moving around and compromising a highly secure network environment.



Research Lab

SUPERNOVA: the Invisible Explosion That Caught the Industry Off Guard

winny-thomas
By Winny Thomas
Principal Security Architect
December 29, 2020

On December 13, 2020, FireEye reported a global campaign that targeted a large sector of industries by threat actors who inserted malicious code within a software component used by the popular network management software SolarWinds. It is not yet known how the threat actors managed to gain access to the development environment in which they added and distributed this malicious code as part of an update to the software. This trojanized version of the dynamic-link library (DLL) has been given the name ‘Sunburst’ by FireEye. Surprisingly enough, researchers have found evidence of the presence of a second backdoor in the SolarWinds product.



Research Lab

The NSA’s Top 25 Most Exploited Vulnerabilities

winny-thomas
By Winny Thomas
Principal Security Architect
December 23, 2020

The National Security Agency published a list of 25 CVEs (Common Vulnerabilities and Exposures) that were most exploited by threat actors in recent times. Some of these CVE’s were used to deliver malicious software that allowed monitoring remote networks, maintaining continued access to remote networks, and, in some cases, using these CVEs to pivot to other systems within the internal network. For example, CVE-2019-11510 was used to gain access to sensitive VPN information of user accounts and then use the credentials to deliver ransomware like Sodinokibi. Similarly, CVE-2019-0803 was used to establish a backdoor to gain and maintain access to…



Research Lab

The SolarWinds Hack: Understanding SolarStorm’s SUNBURST Backdoor

jayesh-gangadas
By Jayesh Gangadas Patel
Senior Threat Analyst, Versa Networks
December 21, 2020

FireEye recently provided information about the widespread attack campaign registered against components of the SolarWinds Orion platform. The SolarWinds Orion platform has a huge customer base of 300,000 clients and issued this advisory on Sunday, December 20th. In this blog post, we will focus on answering specific questions that organizations may have regarding the Solarwinds attack.



Research Lab

Emotet: The Silent, Pervasive Villain / The Return of Emotet: Time to Watch Out

versa-staff
By Versa Staff
Versa Networks
April 23, 2020

After several weeks of quiet, especially during the Christmas holidays, the Emotet malware bot is up and running again, and it seems stronger and smarter. Several IT security firms have reported seeing phishing emails delivering Emotet via malicious Word documents and even delayed holiday e-greetings. Cyber-attackers using Emotet seem to have used this brief hiatus to improve the malware’s social engineering abilities, with almost a fourth of infected emails being sent as replies to existing email threads. Designed initially as a banking malware, the Emotet Trojan was first identified by security researchers in 2014. The malware delivery botnet spreads itself…



Research Lab

CVE-2020-0796 – A Potential SMB Attack in the Horizon

winny-thomas
By Winny Thomas
Principal Security Architect
April 15, 2020

Server Message Block or SMB is a protocol used extensively by windows. It allows windows computers to communicate, locate file servers, locate and communicate with windows networks services and even communicate with other operating systems that understand the SMB protocol. The latest version of SMB is SMB version 3 which is affected. Over the years numerous vulnerabilities were discovered in the protocol which were actively exploited and used by malware authors to build ransomware, cryptominers, SCADA malware etc. MS08-067 saw the rise of the Conficker worm, MS10-061 was used by the infamous Stuxnet malware and MS17-061 was used by ransomware’s…



Research Lab

COVID-19 Ransomware Analysis

winny-thomas
By Winny Thomas
Principal Security Architect
April 9, 2020

Versa Security Lab recently analyzed couple of malware samples which arrives on a computer through phishing emails containing documents with embedded link which eventually leads to the download of the malware. Some of these may arrive through websites pretending to provide information on the recent Corona virus outbreak. The past few months have seen several malicious webservers and domains being set up, purportedly serving information on the Covid-19 virus outbreak. Most of these sites are hosts to ransomware and other malware types. In this blog we are going to look at one sample which encrypts files contents and updates the…