Learn how attackers can use a printer to spread malware

Vectra Threat Labs discovers a critical Microsoft Windows vulnerability

Find out how

Detect ransomware in seconds

Learn more now

2016 Post-Intrusion Report

Attackers know when they're being watched and are blending in with users and common network traffic.

Download the Report

"Identifies attacks as they are happening"

– Peter Stephenson, Technology Editor

READ THE ARTICLE

Vectra Bootcamp

Live 30-minute introduction to the Vectra product and its underlying technology.

Register Now

Benefits

Easy

Up and running in minutes. Vectra learns everything it needs to know.

Real-time

Continuous threat monitoring instantly identifies any phase of a cyber attack.

Prioritized

The Threat Certainty Index™ prioritizes the most serious threats in your network.

Adaptive

Learns new threat behaviors and adapts to your ever-changing network.

Blog

Own a printer, own a network with point and print drive-by
12 July 2016

Printers present an interesting IoT example because they are far more powerful than other IoT devices, yet are not always considered real computers by most network administrators. More

View More Blog Posts

News & Media

LastPass security flaws put passwords at risk, patch rolling out
SearchSecurity | 27 July 2016

Günter Ollmann and Oliver Tavakoli, CSO and CTO of Vectra Networks, respectively, and Lane Thames, security researcher at the Tripwire Vulnerability and Exposures Research Team, agreed that Ormandy should not have discussed the issue on Twitter, but Tavakoli thought the LastPass security flaws were disclosed responsibly. More

Vectra Networks a Finalist in the Best of Black Hat Awards for “Most Innovative Emerging Company”
Vectra Press Release | 26 July 2016

Vectra Networks is named one of three finalists in the “Most Innovative Emerging Companies” category in Dark Reading’s Best of Black Hat Awards. More

Ten emerging security vendors you should know about
CRN | 25 July 2016

CRN named Vectra Networks to its prestigious list of 2016 Emerging Vendors. Vectra was singled out by CRN as a rising technology innovator who is reshaping the future of the IT channel. The CRN Emerging Vendors list is a valuable resource for solution providers looking to expand their portfolios with cutting-edge technology. More

How predictive analytics discovers a data breach before it happens
TechCrunch | 25 July 2016

We have to consider that the tools and tactics of our adversaries will evolve and change in parallel with ours, warns Oliver Tavakoli, CTO at cybersecurity firm Vectra Networks. “After several years spent trying to perfect predictive analytics, attackers will counter with feints and pattern randomization." More

July 2016: A perfect vulnerability storm
SecurityWeek | 25 July 2016

July was the busiest month in recent memory for vulnerabilities, says Wade Williamson, Vectra director of threat analytics. The vulns were copious and severe, and all the big vendors seemed to suffer. And while every organization strives to keep their technology patched and updated, months like this remind us that it is impossible to be perfect. More

Time to update how we manage and address malware infections
IT Security Guru | 25 July 2016

As advances in network-based detection increase the fidelity and coverage of malware and threats, the possibility of specific attribution will continue to recede, says Mike Banic, vice president of marketing at Vectra. The malware ecosystem continues to evolve swiftly, and security researchers and professionals need to adapt accordingly. More

Cyber security basics: Four best practices for stopping the insider threat
Computer Business Review | 20 July 2016

Whether external and insider, detecting threats requires identifying when hosts behave in a way that exposes data or assets. “There is a need to track the flow of data within a network to proactively identify the acquisition, staging, and stealing of data, whether driven by an insider or outsider,” says Matt Walmsley, EMEA director at Vectra. More

Vectra Networks Recognized as a CRN 2016 ‘Emerging Vendor’
Vectra Press Release | 20 July 2016

Vectra Networks recognized for creativity and innovation in product development, as well as a strong commitment to delivering those offerings through a vibrant channel of solution providers. More

Microsoft rolls out a patch to fix a 20-year-old security flaw; but is it really effective?
University Herald News | 15 July 2016

The security flaw enabled malicious users to covertly install a hand-picked malware on computers that connect to fake printers or devices that pose as printers. Vectra Networks security experts found that the issue dwells in the Windows Print Spooler component that connects to available printers. More

Industry pros consider widespread affects of Windows printer flaw
SC Magazine | 14 July 2016

Discovered by researchers at Vectra, the flaw allows any printer or device that mimics a printer to install malware on computers on a local area network. The print spooler does not authenticate printer drivers, allowing attackers to infect multiple computers on the network and continue to infect other devices as they discover the driver. More

A 20-year-old printer vulnerability left Windows exposed to malware
Digital Trends | 14 July 2016

Security company Vectra publicized the decades-old vulnerability that takes advantage of an authentication error in the printer installation process. According to Vectra, the Windows Print Spooler never thoroughly authenticated drivers, allowing attackers to spoof the system and install malware. More

Microsoft patches 20-year-old critical Windows printing bug
Digital Journal | 14 July 2016

Vectra contacted Microsoft with details of the vulnerability. A "critical" fix has been released for all supported versions of Windows. Windows Print Spooler now writes to the file system in a safer way and warns users who attempt to install untrusted printer drivers. More

20-year-old Windows printer security vulnerability discovered
Übergizmo | 14 July 2016

This bug is actually a security vulnerability that was discovered in the Windows Print Spooler software. If the printer is connected to a network, like in an office, it could potentially spread to other PCs on the same network as well, infecting all of them in the process. More

Microsoft issues new Windows 10 preview build, patches critical flaws
NewsFactor | 14 July 2016

Described as a "watering hole" attack, the 20-year-old printer vulnerability was identified and analyzed by security researcher Nick Beauchesne. Noting that Microsoft worked with the cybersecurity firm Vectra Networks to investigate the vulnerability, Beauchesne posted an analysis of his findings on Vectra's website. More

Pwned by your printer! Microsoft patches critical printer spooler bug
Sophos | 14 July 2016

The hole was reported to Microsoft by security researchers from Vectra Networks, and it’s one of those bugs about which you can’t help thinking, “Golly gosh, that should never have happened.” Fortunately, as far as we know, Vectra was the first company to figure this one out, and disclosed it responsibly to Microsoft, which has now issued a patch. More

20-year-old Windows printer flaw exposes you to malware
The Inquirer | 14 July 2016

Vectra looked into the printer installation process in a number of different versions of Windows and found a common problem that is old enough to remember when Kanye West was just a rapper. More

Windows 'critical' security flaw hits all versions of OS
InformationWeek | 14 July 2016

"So in the end, we have a mechanism that allows the downloading of executables from a shared drive, and run them as a system on a workstation without generating any warning on the user side," wrote Nicolas Beauchesne, senior threat researcher at Vectra Networks. More

Ancient Windows printer flaw exposes you to malware
Engadget | 14 July 2016

Researchers at Vectra discovered a roughly 20-year-old flaw in Windows Print Spooler (which oversees the printing process) that lets attackers slip malware on to a PC. The spooler doesn't verify that a printer's drivers are legitimate so it's possible for attackers to install maliciously-coded drivers thorough the Internet or the printer itself. More

Microsoft fixes decades-old printer bug in Windows
PC Magazine | 14 July 2016

The primary problem is that an attacker could compromise a printer – a not-so-secure device, Vectra notes – which then allows the printer to distribute malware disguised as system-level printer drivers. Attackers then gain access to the infected system to spread malware to anyone else foolish enough to try connecting to the printer. More

Microsoft patches 20-year-old critical printer vulnerability
SecurityWeek | 14 July 2016

Security researchers at the Vectra Threat Labs recently discovered two security issues affecting the Windows Print Spooler components and say that they allow an attacker to compromise systems via the printer itself. These are a remote code execution flaw and an elevation of privilege vulnerability, both of which were patched by Microsoft. More

Hunting the snark with machine learning, artificial intelligence and cognitive computing
SecurityWeek | 14 July 2016

Vectra CSO Günter Ollmann explains that the unsupervised learning element comes from first baselining the network’s usual behavior. The system then monitors for any abnormal behavior on the network. It can be aided, he added, with "hints," or manually labeled events – but basically it works on its own. More

Ready to print? Here's malware instead
infoRisk Today | 14 July 2016

"Microsoft is pretty much between a rock and a hard place," Nicolas Beauchesne, senior security researcher with Vectra, says. "Printer vendors have yet to agree on a printing standard or in some cases, to even sign their drivers. Ensuring that every driver is signed would break older printers until their respective vendors deploy new drivers for all their models." More

View All News & Events

Awards

Upcoming Events

INTERFACE Twin Cities

3 August 2016 - Minneapolis

It’s critical to stay current with the technology that runs your organization and secures your operational infrastructure. INTERFACE addresses these IT issues through informative, non-sales oriented, educational seminars customized to the specific needs of the local business community. Using case studies and best practice examples, these exhibitor-presented sessions offer you the solutions needed to address your technology challenges and achieve your organizational goals.
Register Today.

Black Hat

30 July 2016 to 4 August 2016
Mandalay Bay, Las Vegas

Black Hat returns to Las Vegas for its 19th year. This six-day event begins with four days of intense training for security practitioners of all levels, followed by the two-day main event, including over 100 independently selected briefings. Make sure to visit the Vectra Networks Booth 966.
Register Today.

View all events »