Vectra exposes cyber attacker backdoors in the data center

Vectra named Most Innovative Emerging Company

Learn how attackers can use a printer to spread malware

Vectra Threat Labs discovers a critical Microsoft Windows vulnerability

Detect ransomware in seconds

2016 Post-Intrusion Report

Attackers know when they're being watched and are blending in with users and common network traffic.

Vectra Bootcamp

Live 30-minute introduction to the Vectra product and its underlying technology.



Up and running in minutes. Vectra learns everything it needs to know.


Continuous threat monitoring instantly identifies any phase of a cyber attack.


The Threat Certainty Index™ prioritizes the most serious threats in your network.


Learns new threat behaviors and adapts to your ever-changing network.


Moonlight – Targeted attacks in the Middle East
26 October 2016

Vectra Threat Labs researchers have uncovered the activities of a group of individuals currently engaged in targeted attacks against entities in the Middle East. We identified over two hundred samples of malware generated by the group over the last two years. These attacks are themed around Middle Eastern political issues and the motivation appears to relate to espionage, as opposed to opportunistic or criminal intentions.

News & Media

Middle East hackers exposed
The Register | 26 October 2016

A hacking group is running a wide-ranging cyber-espionage campaign against targets in the Middle East. Security firm Vectra Networks says it has identified over 200 samples of malware generated by the group over the last two years. The assaults are not technically sophisticated but nonetheless tricky in their use of social engineering tactics.

Moonlight APT uses H-Worm backdoor to spy on Middle Eastern targets
Softpedia | 26 October 2016

For this particular campaign, identified by Vectra Networks, the group used spear-phishing emails and social media lures to trick targets into installing the H-Worm malware, a backdoor trojan, which in some cases was used to further compromise targets with a remote access Trojan called njRat.

Middle Eastern hackers are using this phishing technique to infect political targets with Trojan malware
ZDNet | 26 October 2016

Moonlight group is likely to be involved in cyberespionage, warns Vectra Networks. “They put effort into crafting the emails, the websites, the documents they've created, putting a fair amount of energy into it. But beyond that the underlying tech is off the shelf,” says Vectra CTO Oliver Tavakoli, emphasizing how attackers don't need sophisticated hacking skills.

Keeping zombie botnets out of your home network
USA Today | 24 October 2016

Your router, home Wi-Fi, refrigerator and webcams could be part of an international army of zombie attackers. “A newly installed Wi-Fi home router is likely to be compromised within weeks if the default passwords are not changed – or within a few hours if you live in a more densely populated metropolitan area,” says Vectra CSO Günter Ollmann.

Funkschau: Ransomware – Don't pay a high price
Funkschau | 18 October 2016

This is reported by Gérard Bauer, Vice President EMEA at Vectra Networks. The expert gives insight into how cyber criminals gain access to corporate networks and how companies can protect themselves against highly professional ransomware attacks.

C-suite career advice: Hitesh Sheth, Vectra Networks
IDG Connect | 11 October 2016

Vectra CEO Hitesh Sheth offers career advice about breaking into the tech industry: “Don’t play it safe. The tech industry is very unique with lots of opportunity for someone just starting their career. Take risks. Look for startups that can drive exponential change and not just ones that seem to be the 'coolest.'”

NSA spy details how to tap into webcam on Mac without user noticing
SC Magazine | 7 October 2016

"If these gadgets are not regularly updated to address vulnerabilities, then they are left open to exploitation," says Vectra EMEA Director Matt Walmsley. "There's now a lot of pressure on the manufacturers to raise their game and support the embedded software side of things as long and as vigorously as, say, a PC operating system vendor does."

A drop in the ocean: Industry pros react to TalkTalk data breach fine
ITProPortal | 6 October 2016

“Autonomous, behaviour-based threat monitoring can prevent a repeat of the same type of attack for any company, without requiring a major capital investment in more IT security staff,” Vectra CSO Günter Ollmann tells ITProPortal. “This new type of security approach allows known and unknown malware and attack vectors to be spotted.”

TalkTalk fined £400k by ICO for data breach
Comms Business | 6 October 2016

"Under the forthcoming EU General Data Protection Regulation (GDPR), the fines could have been much higher – up to 4 percent of worldwide turnover. In the case of TalkTalk, that could have been £72 million based on 2015 turnover," Vectra CSO Günter Ollmann says. "In that respect, the company has got off lightly."

Release of Mirai IoT botnet malware highlights bad password security
SearchSecurity | 4 October 2016

The Mirai botnet malware used in the DDoS attack that took down the site of infosec journalist Brian Krebs was clocked at 620 Gbps. It was released in the Hackforums community website by Anna-senpai, who claims to have authored the code. Vectra CSO Günter Ollmann explains security concerns around Mirai and the dangers of default passwords.

Top nine cybercrimes of 2016
Federal Computer Week | 4 October 2016

Jonathan Barrett and Justin Heath from Vectra weigh in on the most serious cybercrimes of the past year. About the Shadow Brokers' hack of the NSA-affiliated Equation Group, Barrett notes that "the penetration of such a highly regarded organization demonstrates what serious security professionals already know: Everyone is vulnerable."

Even in the tech industry, sticky tape remains a preferred security measure
Fast Company | 3 October 2016

The risk isn’t limited to traditional webcams, says Vectra CSO Günter Ollmann, whose company found vulnerabilities in an inexpensive networked camera earlier this year. Internet-enabled home security cameras and networked TVs can also be hacked. So can videoconferencing tools in offices, which can be used as a gateway into other office machines.

Exploiting the firewall beachhead: A history of backdoors into critical infrastructure
IT Security Guru | 30 September 2016

Firewalls have rarely been a hindrance to breaching a network and siphoning data, according to IT Security Guru. Vectra CSO Günter Ollmann explores the history of the firewall over the last three decades and how vulnerable it is to targeted and persistent attacks by sophisticated adversaries, particularly through the use of backdoors.

Printer drivers – a useful tool for hackers
Silicon | 30 September 2016

Printer drivers that are infected with malware or faked represent a critical security vulnerability for networks in Microsoft Windows. This is reported by Gérard Bauer, vice president EMEA at Vectra. Bauer gives insight into the attack technique used by cyber criminals and explains approaches that companies can use to protect themselves.

25 emerging security vendors to watch
Dark Reading | 27 September 2016

InformationWeek and Dark Reading named Vectra one of 25 emerging security vendors to watch, citing its ability to provide "automated threat management to discover attackers inside corporate networks. It's powered by behavioral models that are always learning, and issue alerts about threats before they cause extensive damage."

Is Wall Street bad for cybersecurity?
The Christian Science Monitor | 27 September 2016

"I anticipate that now that the bridge has been crossed, other security researchers will attempt to work with similar investment companies to monetize the vulnerabilities and research they have conducted," said Günter Ollmann, chief security officer at the cybersecurity firm Vectra Networks.

Yahoo to face 'serious questions' in UK
The Telegraph | 23 September 2016

"By calling it 'state sponsored', organisations are attempting to deflect the discussion from the types of tools used and their failed defences, and to posit that they had no chance of protecting their data because 'the government did it'," said Günter Ollmann, chief security officer at Vectra Networks.

Yahoo hack – industry reactions
IT Security Guru | 23 September 2016

Matt Walmsley, EMEA director at Vectra, comments on the Yahoo hack: “It’s concerning how many organisations are unaware of huge data breaches taking place in their networks. Research shows that about two out of 10 data breaches are detected internally – leaving around 80% to be detected by external discovery and third-party agencies.”

Backdoors in data center firewalls – the data center as a point of entry
Funkschau | 22 September 2016

Vectra Networks aims to use a new solution to uncover hidden security vulnerabilities in network infrastructure such as firewalls, servers, routers and switches, the trade magazine Funkschau reports. According to the report, this security solution is the first in the industry to provide the transparency, context and intelligence needed to uncover even sophisticated attacks on the data center.

Calling it 'critical infrastructure' won't protect the vote
The Christian Science Monitor | 21 September 2016

While U.S. officials have suggested designating election systems as critical infrastructure after the Democratic National Committee hack, 62% of Passcode Influencers say it's not enough. “Unless we move beyond a declaration and into actual protection, proclamation would act more like an invitation to global hackers,” said Vectra CTO Günter Ollmann.

Bringing cybersecurity to the data center
SecurityWeek | 19 September 2016

We need to recognize the uniqueness of the data center and the threats they face, while recognizing that this uniqueness does not make them separate. Look for the attack techniques that are unique to the data center, while retaining the context of everything we've learned in the campus. This requires some planning, but is achievable.

What to think about when moving to the cloud
CSO | 19 September 2016

Günter Ollmann, CSO at Vectra Networks, said, "Instead of buying hardware and appliances with a three-to-five-year depreciation lifecycle, they are buying a service. They are now paying, typically, based around number of servers or users being protected. Their security spend can change drastically in Capex and Opex."


Upcoming Events

Rocky Mountain Technology Summit

26 October 2016 - Denver

Attend The Rocky Mountain Technology Summit to get the right tools and make vital connections to best prepare your company for the broad spectrum of ever-changing technology trends.

Data Connectors Fort Lauderdale

3 November 2016 - Fort Lauderdale

The Fort Lauderdale Tech-Security Conference features 40-60 vendor exhibits and 8-12 educational speaker sessions discussing current tech-security issues such as cloud security, email and social media security, VoIP, LAN security, wireless security, USB drives security and more.
