Blog
Spreading Technique used by Retadup Worm.
Acalvio Threat Research Lab Retadup worm has been in the news recently. It was first observered infecting Israeli Hospitals [1] and recently it was observered active in South America mining for Crypto Currency[2]. The details of the worm have been published by Trend...
Can We Automate Threat Hunting?
Threat hunting has been primarily a playground for security experts to surface unknown threats. It is a proactive security approach where the hunt starts with a hypothesis about a hidden threat that may be already in the enterprise network. According to 2017 survey on...
Deception Centric Defense Against Ransomware
Team Acalvio It is estimated that in 2017, damages due to the ransomware will exceed $5 billion.[8] When successful, ransomware can not only infect the endpoint, it can also spread across the network extending its exploit. The initial versions of ransomware like...
Meeting HIPAA Requirements with Acalvio’s Deception 2.0 Solution, ShadowPlex
The recent ransomware attacks such as Wannacry have highlighted the need for robust security controls in healthcare firms. These organizations are subject to HIPAA/HITECH compliance requirements, but unfortunately many firms just seem them as a distraction. This is...
Don’t be a sitting duck. Make your BreadCrumbs & Lures Dynamic!
BreadCrumbs and Lures are very critical components of any deception based architecture. As the name suggests, breadcrumbs and lures aid to divert a threat a threat actor (an individual or malware) to deception sensors. The moment the deception sensor gets tripped,...
Reflections on a conference…
This past week I’ve spent 30 hours in planes and countless more hanging around in security lines, I’ve been heated to the point of melting, tired to the point of sleeping while standing and stressed to the point of immobility (mostly my fault due to not getting all...
Technical Analysis of Petya
Acalvio Threat Research Labs Petya is the most recent ransomware strain. It originated in Ukraine [1] and is spreading across Europe. This blog summarizes our technical analysis of Petya. Technical Analysis In addition to the encryption and ransomware...
Ransomware: Catch me if you can.
Ransomware demand in 2016 was around a billion dollars[1]. WannaCry[3] was the recent ransomware campaign that spread across 150 countries affecting 200,000 users. It is estimated that in 2017[2], damages due to ransomware will exceed $5 billion. Modern defenses make...
The Industry’s First “Deception 2.0 for Dummies” Book
Since the dawn of time, deception has been used in nature in various forms as a successful survival strategy and has played an important role in the physical and behavioral adaptations of all organisms. Humankind, with its higher cognitive ability, has successfully...