Detecting CVE-2014-1776: Internet Explorer Zero-Day

Red Canary

Red Canary is actively detecting CVE-2014-1776, the latest “Internet Explorer zero-day,” on the endpoint by leveraging our global network of managed Bit9+Carbon Black sensors. This post provides some insight into how you can do the same. We know this exploit targets Internet Explorer (iexplore.exe), requires VGX.dll be loaded by the targeted iexplore.exe process, and is triggered by a malicious Flash …

The Age of Perpetual Pwnage

Red Canary

Prior to creating Red Canary we used to do a lot of incident response work. Most of those customers were repeat customers both because they were ripe targets for attack and – not to humble-brag too much – we provided a great service at a very good price. We also left behind a great product (Cb) which, we argued, would …

Herd Immunity

Red Canary

There was a great security-related post today at Harvard Business Review titled Online Security as Herd Immunity. The gist goes like this: computer security is the most effective if everyone you’re connected to – which is everyone – is also contributing to security. Just like a herd of animals, businesses that are all at the same level of defensive capability …

On Threat Intelligence

Red Canary

If my tour of the vendor floor at RSA was any indication, “threat intelligence” is rapidly becoming the new “APT,” which is to say that it means different things to different people and despite the best efforts of those who actually know what is going on, it may cease to have any meaning at all if those who value money …

The Price of Caring About “Evidence”

Red Canary

In 2012 one of the offices in the government of the State of South Carolina suffered a digital breach. Reporting at the time estimated that the total cost of the breach was $14m, with incident response costs alone estimated at $500,000. The 2013 NetDiligence survey of data breach insurance payouts reports that of the 140 claims submitted to insurers, 88 …

The Future of Threat Detection

Red Canary

Several years ago, when we were still very much a start-up, we sent three of our team (of five) to conduct an incident response for a much larger company. Two of the team members had done incident response before; the third was more the kind of guy who caused incidents rather than responded to them. Three weeks later, after delivering our …