NAME:WRECK DNS Bugs: What You Need to Know
For most internet users, there’s not much of a perceivable difference between the domain name they want to visit and the server that the domain queries. That’s because the Domain Name System ...
What Project Memoria Foretold about TCP/IP Security and Supply Chain Vulnerabilities
Project Memoria was the largest study about the security of TCP/IP stacks, conducted by Vedere Labs and partners in the cybersecurity industry. It started from a collaboration with JSOF to understand the ...
What to Do When Ransomware Meets the Internet of Medical Things
Vedere Labs recently developed a proof-of-concept (PoC) ransomware for IoT (R4IoT) using as an example attack scenario a hospital network containing IoT devices such as IP cameras, IT workstations and OT in ...
Cybercrime Will Increase — And 9 Other Obvious Cybersecurity Predictions for 2022
While cybercrime and cybersecurity are no laughing matters, many cybersecurity articles tend to state the obvious in their predictions. With this in mind, we thought it would be fun to... The post ...
Forescout Research Labs concludes Project Memoria – Lessons Learned after 18 months of vulnerability research
What is Project Memoria? Project Memoria is the largest study on the security of TCP/IP stacks. The idea for this project emerged in May 2020 while collaborating with JSOF on Ripple20. Our ...
New Critical Vulnerabilities Found on Nucleus TCP/IP Stack
Forescout Research Labs, with support from Medigate Labs, have discovered a set of 13 new vulnerabilities affecting the Nucleus TCP/IP stack, which we are collectively calling NUCLEUS:13. The new vulnerabilities allow for ...
DNSSEC: The Secret Weapon Against DNS Attacks
The domain name system (DNS) is known as the phone book of the internet, quickly connecting users from their devices to their desired content. But what appears to most users as seamless ...
New Critical Operational Technology Vulnerabilities Found on NicheStack – Mitigation Advised
Forescout Research Labs and JFrog Security Research have discovered a set of 14 new vulnerabilities affecting the NicheStack TCP/IP stack, which we are collectively calling INFRA:HALT. The new vulnerabilities allow for remote ...
The impact of TCP/IP vulnerabilities in healthcare devices
Forescout Research Labs found and disclosed several critical vulnerabilities on TCP/IP stacks that affect hundreds of millions of IT, OT, IoT and IoMT devices: AMNESIA:33, NUMBER:JACK and NAME:WRECK. This research – collectively ...
April Firmware Threat Report
April has been a month of awakening. The highest levels of government and some of the most influential tech companies in the industry have made it clear: we have crossed a threshold ...
