Ransomware: Catch me if you can.
Ransomware demand in 2016 was around a billion dollars[1]. WannaCry[3] was the recent ransomware campaign that spread across 150 countries affecting 200,000 users. It is estimated that in 2017[2], damages due to ransomware will exceed $5 billion. Modern defenses make...
The Industry’s First “Deception 2.0 for Dummies” Book
Since the dawn of time, deception has been used in nature in various forms as a successful survival strategy and has played an important role in the physical and behavioral adaptations of all organisms. Humankind, with its higher cognitive ability, has successfully...
WannaCry Ransomware Analysis: Lateral Movement Propagation
Acalvio Threat Research Labs The WannaCry ransomware attack has made front page news around the world, with at least 150 countries and 200,000 customers affected [2]. Because WannaCry makes use of a largely unpatched Windows exploit for lateral movement, it is able to...
How to outfox Shamoon? Put Deception to work!
Acalvio Threat Labs Shamoon is one of the critical threats that has been able to penetrate traditional defenses successfully not once, twice, but thrice – in 2012, 2016 and 2017. The main purpose of Shamoon Threat Actor was the destruction of the endpoint...If Deception is so Great, Why Isn’t Everyone Doing it?
Using deception as a threat detection solution would seem to be a no-brainer: It can detect malware at multiple points in the kill chain, with no false positives and no modifications or impact to production systems. Everyone must be doing it you would think....
Acalvio RSS Feed
- Protecting Microsoft Active Directory Part 2: Attack Paths August 14, 2021In a previous blog, we provided an overview of the (unfortunately quite complex) Active Directory Attack Surface. In Part 2 of this series, we’ll explore how attackers plan their movement and traverse attack paths once they have discovered AD vulnerabilities and misconfigurations that they can exploit. The Microsoft Active Directory (AD) ecosystem consists of all […]Team Acalvio
- Protecting Microsoft Active Directory: Understanding the Attack Surface July 21, 2021In the recent SolarWinds hack and Ransomware attack on Colonial Pipeline, Active Directory (AD) compromise was at the core of the attack playbook. In this 3-part blog series, we look at protecting Microsoft Active Directory – which is central to most enterprise infrastructure layouts.Team Acalvio
- OT Risk Management – Deceiving Your Way to IT/OT Convergence June 24, 2021Securing Operational Technology (OT) networks is definitely “a thing” these days. OT environments include specialized equipment (e.g. PLCs) that monitor and control production facilities such as refineries, manufacturing plants and utilities. The stakes are high with respect to potential business continuity and safety impacts if something is compromised. To be sure, it’s not that CISOs […]Team Acalvio
- Acalvio Customer Reference – Consumer Packaged Goods June 20, 2021 Team Acalvio
- Acalvio ShadowPlex Customer Reference Research University May 21, 2021 Team Acalvio
- Tales from the trenches: Effective managed cyber threat detection and response February 19, 2021Breaches can take minutes or less for a cyber criminal to execute but often months to discoverTeam Acalvio
- Customer Reference Industrial Manufacturer February 6, 2021 Team Acalvio
- Acalvio Customer Reference Consumer Services February 6, 2021 Team Acalvio
- Threat Hunting the Modern Way January 31, 2021When you think threat hunting, what comes to mind? For most enterprise security staff, the answer is “Hmmm, not sure if that’s for me”.Team Acalvio
- The Solarwinds Attack – Don’t Trust; Always Verify January 11, 2021What’s the biggest lesson from the SolarWinds fiasco? Just focusing security defenses on the most common means of penetrating an organization doesn’t cut it.Team Acalvio