Resources
HHS Recommends Including Deception Technology as a Critical Component of Cybersecurity Practices for Healthcare Organizations
One hundred and forty pages strong, the Health Industry Cybersecurity Practices (HICP) Technical Volume
The Identity Battlefield: Lessons from 2023’s Attacks and the Roadmap to Cybersecurity Resilience in 2024
In 2023, we witnessed a chilling parade of cyber-attacks where compromised enterprise identities served as the proverbial unlocked door!
Stopping identity-driven attacks from unmanaged endpoints
In cybersecurity, unmanaged endpoints represent a significant vulnerability within even the most meticulously planned defense strategies.
Cybersecurity Awareness Month: Cyber Deception in Focus
In the world of digital defenses and ever-changing threat landscapes, October holds a special significance – it is Cybersecurity Awareness Month!
Defending against identity impersonation attacks at MGM Resorts
MGM Resorts was compromised by a threat actor, Scattered Spider (UNC3944). The threat actor gained control over the super administrator account of Okta, gained Azure administrative rights, and gained Domain Admin privileges over the Active Directory.
Deception: The Fast Track to Zero Trust Security
Zero Trust is a great idea that’s hard to argue with
Combating Log4Shell Exploits
Why Is a Log4Shell Exploit Considered a Serious Risk to Enterprises? Apache Log4j is used in thousands of enterprise applications across the stack and appliances with a web interface. Log4j is also an embedded component of many Java-based OT/ICS hardware and software...
Deception Tech in Healthcare: Addressing Device Risks – Acalvio
Healthcare institutions are heavily targeted by cyber attackers. The critical services these institutions provide, the volume of sensitive data they handle, the mix of IT and OT infrastructure, and unpreparedness make healthcare institutions very attractive and...
Identity Security Part 2: The Identity Security Ecosystem
This blog describes the identity security ecosystem. The blog covers the components of an identity security ecosystem, what each component does in an enterprise, and describes some limitations.
Identity-Based Attacks: A Breakdown of Types and Mechanisms
Cyberattacks have become a persistent threat to organizations across sectors. As the cyber threat landscape grows more complex, attacks are becoming larger and more scalable.
Acalvio & CrowdStrike Boost Identity Security with HoneyTokens
Acalvio Technologies and CrowdStrike Falcon® Identity Protection help customers combat increasingly sophisticated identity-based attacks.
Mitigating Microsoft Email Hack Attacks on US Federal Agencies and Western European Government Agencies
A Chinese hacking group breached email accounts of several US and Western European government agencies. What was their modus operandi and primary motive?