Resources
MOVEit Breach: The Active Defense Solution
Earlier this month, we witnessed the US Department of Energy, several other government agencies, banks and other commercial organizations hit in a global hacking campaign
Comprehensive Identity Protection through ITDR
Identity based attacks are rising dramatically. According to Verizon’s 2022 Data Breach Investigation Report, credential-based attacks have become the top path for threat actors to reach enterprise information assets.
MITRE ATT&CK Use Cases for Cybersecurity
As discussed in this whitepaper, the MITRE ATT&CK framework is a critical technology resource that can help you systematically evaluate your security measures against the potential threats you may encounter. Understanding the weaknesses in your current...
WannaCry Ransomware Analysis: Lateral Movement Propagation
In May 2017, the WannaCry ransomware attack made front-page news around the world, with at least 150 countries and over 200,000 customers affected by the attack. The WannaCry ransomware made use of an exploit that targeted the SMB protocol of Microsoft Windows.
What is an Active Directory? Why is it Important?
Microsoft created Active Directory (AD), a directory service for Windows domain networks. It offers authentication and authorization services along with a centralized location for storing and managing data about resources and users on a network. AD is crucial for...
Using Generative AI to create deceptions for Identity Protection
Generative AI has taken the world by storm. It has become an exciting and rapidly developing field that involves the creation of images, videos, music, text, and other data using generative AI models.
Deception in Depth: Mitigating Internal Attacks – Acalvio
Recently, an interesting survey pointed out that malware attacks are going fileless. In some cases, this means even using an internal employee to help with the process. For example, the attack on the Bank of Bangladesh and you quickly realize that advanced attackers...
Threat Hunting the Modern Way
When you think threat hunting, what comes to mind? For most enterprise security staff, the answer is “Hmmm, not sure if that’s for me”.
Detection of Prevalent Threats by Distributed Deception
Today’s breaches are overwhelmingly carried out in a series of sophisticated, multi-stage attacks. The stages of such attacks can best be described by a “Cyber Kill Chain,” which as per MITRE ATT&CK Adversary Tactic Model [1] breaks down cyber intrusions into the...
Hiding in Plain Sight: Streamlining Deception for Security
Honeypots. Just those three syllables are enough to cause instant nausea with a cyber security professional. Why? Honeypots are hard to operationalize into an effective, easy to use and consistent defense. But times are changing with the proliferation of deception...
If Deception is so Great, Why Isn’t Everyone Doing it?
Using deception as a threat detection solution would seem to be a no-brainer: It can detect malware at multiple points in the kill chain, with no false positives and no modifications or impact to production systems. Everyone must be doing it you would think....
Booz Allen & Acalvio Partner for Advanced Cyber Deception
Booz Allen Hamilton announced a global partnership with Acalvio today to provide Advanced Cyber Deception Capabilities to Government and Commercial Organizations.