Ransomware Deja Vu – Louisiana Declares State Emergency After Cyberattacks on Schools
On 24 July, 2019 the State of Louisiana actually had to declare a state of emergency over what appears to have been a ransomware attack against at least three of the school districts within the state. So far, the districts impacted include Sabine, Ouachita, and...
Know Your Adversary, Before They ATT&CK
The Cyber Kill Chain If you’re reading this blog, you likely know the basics of the cyber kill chain. You might even be able to name a few of the seven stages in the kill chain, which lays out the steps adversaries take to attack and exploit their victims. Where you...
Deception Technology in Healthcare – When Good Medical Devices Go Bad
Healthcare institutions continue to be heavily targeted by cyber attackers. A review of the current data in the Department of Health and Human Services, Office for Civil Rights (HHS OCR), database of major breaches shows that cyber attackers continue to compromise our...
Want to Get Serious about APTs? NIST Knows a Thing or Two, Because They’ve Seen a Thing or Two
If there’s any organization that knows about dealing with advanced persistent threats (APTs) it’s NIST. The US government is constantly targeted by the most sophisticated adversaries, and the attacks are directed at both the government agencies themselves,...
“Amazon Firestick” is to “VCR”, as “Deception” is to _________
Complete the Analogy: “Amazon Firestick” is to “VCR”, as “Deception” is to _________. Correct Answer: “Honeypot” Remember your SAT or ACT exams with the analogy questions? If so you probably got this one right. For those of us old enough to remember, Video Cassette...
Acalvio RSS Feed
- Protecting Microsoft Active Directory Part 3: Deception-based AD Security September 22, 2021Previously, we covered understanding AD Attack Surface and AD Attack Paths on this Active Directory Protection blog series. This post looks at Acalvio’s novel approach to protecting Active Directory against advanced persistent threats. It presents a critical attack surface that needs continuous monitoring for misconfigurations, vulnerabilities, and attack persistence. Alternative solutions attempt to protect AD […]Team Acalvio
- Protecting Microsoft Active Directory Part 2: Attack Paths August 14, 2021In a previous blog, we provided an overview of the (unfortunately quite complex) Active Directory Attack Surface. In Part 2 of this series, we’ll explore how attackers plan their movement and traverse attack paths once they have discovered AD vulnerabilities and misconfigurations that they can exploit. The Microsoft Active Directory (AD) ecosystem consists of all […]Team Acalvio
- Protecting Microsoft Active Directory: Understanding the Attack Surface July 21, 2021In the recent SolarWinds hack and Ransomware attack on Colonial Pipeline, Active Directory (AD) compromise was at the core of the attack playbook. In this 3-part blog series, we look at protecting Microsoft Active Directory – which is central to most enterprise infrastructure layouts.Team Acalvio
- OT Risk Management – Deceiving Your Way to IT/OT Convergence June 24, 2021Securing Operational Technology (OT) networks is definitely “a thing” these days. OT environments include specialized equipment (e.g. PLCs) that monitor and control production facilities such as refineries, manufacturing plants and utilities. The stakes are high with respect to potential business continuity and safety impacts if something is compromised. To be sure, it’s not that CISOs […]Team Acalvio
- Acalvio Customer Reference – Consumer Packaged Goods June 20, 2021 Team Acalvio
- Acalvio ShadowPlex Customer Reference Research University May 21, 2021 Team Acalvio
- Tales from the trenches: Effective managed cyber threat detection and response February 19, 2021Breaches can take minutes or less for a cyber criminal to execute but often months to discoverTeam Acalvio
- Customer Reference Industrial Manufacturer February 6, 2021 Team Acalvio
- Acalvio Customer Reference Consumer Services February 6, 2021 Team Acalvio
- Threat Hunting the Modern Way January 31, 2021When you think threat hunting, what comes to mind? For most enterprise security staff, the answer is “Hmmm, not sure if that’s for me”.Team Acalvio