MITRE Blog Terms - Attivo Networks

MITRE

Leveraging MITRE Shield to Defend Against Ransomware

Written by: Joseph R. Salazar, CISSP, CEH, EnCE – Ransomware attacks have evolved and grown in number. Traditional ransomware sought to spread and encrypt as many endpoints as possible, but Ransomware 2.0 attacks employ advanced methods or have a human controller directing their activities. These attacks spend much more time conducting discovery to identify business-critical assets for encryption. Because these assets are essential for business continuity and daily operations, the organization is more likely to pay to recover them instead of spending the money on endpoint systems they could re-image and recover. Attackers encrypting the entire Active Directory server infrastructure can demand much higher ransoms, and the organization must pay or else lose money, time, and resources attempting to restore operations. Additionally, these attackers often exfiltrate data and threaten to release it to induce ransom payment, often demanding a second ransom to prevent the release of the information.

Stopping the Next SolarWinds Requires Doing Something Different

By Tony Cole, CTO, Attivo Networks – Will the SolarWinds breach finally prompt the right legislative and regulatory actions on a broader, more effective scale? The SolarWinds breach is not the first major supply chain breach, but previous similar breaches failed to prompt effective regulatory action. Both governments and businesses remain focused on things like cyber …


Attivo Networks’® EDN Solution Integrates with SentinelOne Singularity XDR to Deliver Protection Against Credential-Based Attacks

Integration couples unparalleled endpoint security with Active Directory protection, credential theft detection and credential exposure prevention. FREMONT, Calif. – April 27, 2021 – Attivo Networks®, the industry experts in lateral movement attack detection and privilege escalation prevention, announced today a new integration for the Attivo EDN Suite with SentinelOne’s Singularity XDR platform. With an uptick …


Hafnium Microsoft Hack – Active Exploitation of Microsoft Exchange and Lateral Movement

Written by the Attivo Research Team – Contributing members: Gorang Joshi, Anil Gupta, Saravanan Mohan – Microsoft and Volexity have confirmed the active exploitation of vulnerabilities published by Microsoft in Exchange Server. Security research has attributed the exploitation to the Advanced Persistent Threat group known as Hafnium, operating out of China. After the initial compromise, Hafnium operators accessed email accounts and deployed web shells on the compromised servers, which they then used to steal data and expand the attack. Because enterprises deploy Outlook Web Access (OWA) on public networks, the group was able to compromise many organizations across a large set of industries, according to ThreatPost’s blog.

Strengthening Zero-Trust Architecture

Organizations that want to stay ahead of cybercriminals will find that going beyond user trust and device trust is critical for outwitting their adversaries. The invention of the term “zero trust” is generally credited to former Forrester analyst John Kindervag more than a decade ago. Although it’s not new, the concept has received renewed interest …


What is deception technology

Deception technology, commonly referred to as cyber deception, is a category of security tools and techniques designed to detect and divert an attacker’s lateral movement once they are inside the network. Deception technology enables defenders to identify a wide variety of attack methods without relying on known signatures or pattern matching. The technology is known …


betanews

How the MITRE Shield can help organizations better address their adversaries [Q&A]

The MITRE ATT&CK framework is now used by many organizations to help them understand and counter threats. Less well known is the latest addition, MITRE Shield. [Beta News] spoke to Carolyn Crandall, chief deception officer and CMO at Attivo Networks to find out more about how this can be used along with MITRE ATT&CK to …


Attivo Networks® Names Freddy Dezeure to Advisory Board

Leader of EU MITRE ATT&CK® Community Adds to Company Bench Strength with Strategic Cyber-Risk Management Expertise. Attivo Networks®, an award-winning leader in cyber deception and attacker lateral movement threat detection, today announced that Freddy Dezeure has joined the company’s Advisory Board. Freddy Dezeure is a leading independent advisor in cybersecurity and cyber-risk management and Board …


How MITRE Shield helps organisations develop a better deception and concealment strategy

In today’s hyper-connected business world, maintaining effective IT security is a complex task. New cyber threats are constantly emerging, and the risk of disruption and loss has never been higher. With this challenge in mind, the US-based MITRE Corporation recently unveiled a new knowledge base designed to help organisations better understand security risks and the …

