1-616-874-7810 info@vdalabs.com

News & Updates

Embedded and IoT Security

VDA gave a number of talks in 2017 on embedded and IoT security, and how it relates to other pentesting services. The full video (and some additional clips) are embedded below. In this talk we cover the following points (and many more): IoT devices are appearing in...

Car Hacking with CANable

VDA has audited automotive vehicles and systems.  One interesting thing we can share is our experience with CAN monitoring and messaging.  There are many tools and techniques.  For one side of the CAN network we were recently investigating, we decided to use the...

Practical Defenses Against Ransomware Roundtable

VDA recently participated in an excellent panel discussion on "Practical Defenses Against Ransomware" and other malware threats in Detroit at Build IT Together (the audio is only so-so, sorry).  Among the discussion highlights, the following key points stood out to...

Is it a Sin to Get Hacked?

No.  It's not unacceptable to have a cyber incident.  It happens.  Just like any other type of business risk could.  But it is unacceptable to be negligent.  Negligence is knowing there’s work to be done, and simply turning your back on it.  If you haven't pentested,...

Great Michigan Security Conferences

There are a number of InfoSec conferences around the world these days.  Most are pretty solid.  In Michigan, there are a number each year too.  A couple that VDA labs was at lately were the Michigan Cyber Security Conference and GrrCon.  Both were very solid events. ...

Great Time at RSA

VDA Labs was at RSA this year.  Such a big event!  Great for networking. I was also fortunate enough to be selected to speak.  We at VDA Labs have a real heart for seeing our customers succeed in being more secure, and in helping develop their staff.  So, I spoke on...

Social Engineering is on the Rise

Social Engineering is the number 1 way people and businesses are getting compromised.  Legitimate looking emails trick HR/Finance into sending W2s, wiring money, or clicking malicious links and attachments.  I recently partnered with news station WWMT to show home...

Investigating Hacks: Call to Action

VDA Labs has been doing more incident response lately.  I’m writing this blog to warn businesses in the area to take security seriously.  I’ve seen too many small and midsize business get hacked.  Ransomware is the number one threat.  Other scams like wire fraud are...

2017 Cyber Predictions

Well, it’s that time of year.  Everyone is wrapping up 2016 and planning for 2017.  In cyber, we tend to have a tradition of making predictions.  Security continues to be a hard problem, so here are my thoughts:   We will see death from hacking pick up in the next...

Application Security Audit

So, you want to check the security of an in-house developed application?  Great! Doing this a couple times a year is very important.  Here’s a few questions to ask your auditor: Do they just scan the code with tools, or do they also have experts on staff to understand...

Cyber Regulation – Software Security

I’ve been asked if, and if so, what type of cyber regulation is needed.  Here are some thoughts: I do think carefully thought out regulation is required.  Too much or too specific laws would hamper industry.  But basic safety standards should exist.  Here’s one...

Pentesting

VDA labs is often asked about doing pentests.  What’s interesting is how that word means different things to different people.  Sometimes what they really want is a pentest of an app or system.  A system can be audited based on design, machine or manual code analysis,...