Detecting CVE-2014-1776: Internet Explorer Zero-Day

Red Canary

Red Canary is actively detecting CVE-2014-1776, the latest “Internet Explorer zero-day,” on the endpoint by leveraging our global network of managed Bit9+Carbon Black sensors. This post provides some insight into how you can do the same. We know this exploit targets Internet Explorer (iexplore.exe), requires VGX.dll be loaded by the targeted iexplore.exe process, and is triggered by a malicious Flash … Read More

The Price of Caring About “Evidence”

Red Canary

In 2012 one of the offices in the government of the State of South Carolina suffered a digital breach. Reporting at the time estimated that the total cost of the breach was $14m, with incident response costs alone estimates at $500,000. The 2013 NetDiligence survey of data breach insurance payouts reports that of the 140 claims submitted to insurers, 88 … Read More