WannaCry Ransomware Analysis: Lateral Movement Propagation

WannaCry Ransomware Analysis: Lateral Movement Propagation

Acalvio Threat Research Labs The WannaCry ransomware attack has made front page news around the world, with at least 150 countries and 200,000 customers affected [2]. Because WannaCry makes use of a largely unpatched Windows exploit for lateral movement, it is able to...
How to outfox Shamoon? Put Deception to work!

How to outfox Shamoon? Put Deception to work!

Acalvio Threat Labs Shamoon is one of the critical threats that has been able to penetrate traditional defenses successfully not once, twice, but thrice – in 2012, 2016 and 2017.  The main purpose of Shamoon Threat Actor was the destruction of the endpoint...

If Deception is so Great, Why Isn’t Everyone Doing it?

Using deception as a threat detection solution would seem to be a no-brainer:  It can detect malware at multiple points in the kill chain, with no false positives and no modifications or impact to production systems.  Everyone must be doing it you would think....

Honeypots are dead! Long live Honeypots (Part4…The Crystal Ball)

Self healing system capabilities, specifically analysis and intelligence shared between Acalvio instances so you end up with a worst case scenario of only company1 getting hit, companies 2,3,4 have automatically learned from company1. IoT, V2V, V2X etc. This...