Resources
Protecting Microsoft Active Directory: Understanding the Attack Surface
In the recent SolarWinds hack and Ransomware attack on Colonial Pipeline, Active Directory (AD) compromise was at the core of the attack playbook. In this 3-part blog series, we look at protecting Microsoft Active Directory – which is central to most enterprise infrastructure layouts.
OT Risk Management – Deceiving Your Way to IT/OT Convergence
Securing Operational Technology (OT) networks is definitely “a thing” these days. OT environments include specialized equipment (e.g. PLCs) that monitor and control production facilities such as refineries, manufacturing plants and utilities. The stakes are high with respect to potential business continuity and safety impacts if something is compromised.
The Solarwinds Attack – Don’t Trust; Always Verify
What’s the biggest lesson from the SolarWinds fiasco? Just focusing security defenses on the most common means of penetrating an organization doesn’t cut it.
Acalvio ShadowPlex for MITRE Shield
MITRE recently announced the first release of Shield MITRE recently announced the first release of Shield, an active defense knowledgebase on how to defend and engage with adversaries. The knowledgebase is a significant endorsement to Cyber Deception as a dynamic...
Fact: Latest Ransomware Can Bypass AV/EPP/EDR Solutions
Ransomware attacks have become an easy approach for cybercriminals Ransomware attacks have become an easy approach for cybercriminals to target businesses of all sizes – transcending industry types and geographies. There has been a marked transition in ransomware...
The Wide-Ranging Implications of the CCPA-11.20.2019
The California Consumer Privacy Act, or CCPA, goes into effect on Jan. 1, 2020. Most mid-sized companies still have no clue about this data privacy legislation or how it will impact their business operations. We’ll dig into this topic a bit, but recognize that we are...
Hacking Back With The Active Cyber Defense Certainty Act
H.R. 3270 ...also known as the Active Cyber Defense Certainty Act (ACDC), will, if it becomes law, allow victims of hacking to execute self-defense outside of their networks. The essence of this bill was originally introduced in 2017 as H.R. 4036, which subsequently...
Not all Anomalous Behavior is Malicious – Not all Malicious Behavior is Anomalous!
Malicious behavior: we generally know it when we see it Most of the time, unfortunately, malicious behavior is hidden from view. Consider that the average dwell time for cyberattackers within networks is still measured in months. Per FireEye, the global median dwell...
Carbanaks War Against Financial Institutions – Deception Can Help
Carbanak has been at war with financial institutions for about five years now We expect this war to continue and escalate. Carbanak is, of course, the devastatingly powerful banking trojan that has plagued financial institutions since approximately 2014. Carbanak’s...