MITRE Blog Terms - Attivo Networks

MITRE

Leveraging MITRE Shield to Defend Against Ransomware

Written by: Joseph R. Salazar, CISSP, CEH, EnCE – Ransomware attacks have evolved and grown in number. Traditional ransomware sought to spread and encrypt as many endpoints as possible, but Ransomware 2.0 attacks employ advanced methods or have a human controller directing their activities. These attacks spend much more time conducting discovery to identify business-critical assets for encryption. Because these assets are essential for business continuity and daily operations, the organization is more likely to pay to recover them instead of spending the money on endpoint systems they could re-image and recover. Attackers encrypting the entire Active Directory server infrastructure can demand much higher ransoms, and the organization must pay or else lose money, time, and resources attempting to restore operations. Additionally, these attackers often exfiltrate data and threaten to release it to induce ransom payment, often demanding a second ransom to prevent the release of the information.

iTWire

Preventing The Next SolarWinds Attack Requires A Different Approach

By Jim Cook, ANZ Regional Director, Attivo Networks. When the global SolarWinds cyberattack came to light earlier this year, it sparked grave concerns across private and public-sector organisations. If attackers could use software from a trusted vendor to breach defences, how could security ever be guaranteed again? In the wake of the attack, both governments …


Stopping the Next SolarWinds Requires Doing Something Different

By Tony Cole, CTO, Attivo Networks. Will the SolarWinds breach finally prompt the right legislative and regulatory actions on a broader, more effective scale? The SolarWinds breach is not the first major supply chain breach, but previous similar breaches failed to prompt effective regulatory action. Both governments and businesses remain focused on things like cyber …


What Texas Power Outages Can Teach Us About Securing the Electric Grid

By Tony Cole, CTO, Attivo Networks. Uncharacteristic winter weather recently sent the Texas power grid into overdrive, resulting in mass outages. Unfortunately, inclement weather isn’t the only threat facing utility companies: Cyber threats have the potential to impact the power grid in a similarly serious manner. The pandemic has compounded existing risks, driving utilities’ digital transformation …


Attivo Networks’® EDN Solution Integrates with SentinelOne Singularity XDR to Deliver Protection Against Credential-Based Attacks

Integration couples unparalleled endpoint security with Active Directory protection, credential theft detection and credential exposure prevention. FREMONT, Calif. – April 27, 2021 – Attivo Networks®, the industry experts in lateral movement attack detection and privilege escalation prevention, announced today a new integration for the Attivo EDN Suite with SentinelOne’s Singularity XDR platform. With an uptick …


Hafnium Microsoft Hack – Active Exploitation of Microsoft Exchange and Lateral Movement

Written by the Attivo Research Team – Contributing members: Gorang Joshi, Anil Gupta, Saravanan Mohan – Microsoft and Volexity have confirmed the active exploitation of vulnerabilities published by Microsoft in Exchange Server. Security research has attributed the exploitation to the Advanced Persistent Threat group known as Hafnium, operating out of China. After the initial compromise, Hafnium operators accessed email accounts and deployed web shells on the compromised servers, which they then used to steal data and expand the attack. Because enterprises deploy Outlook Web Access (OWA) on public networks, the group was able to compromise many organizations across a large set of industries, according to ThreatPost’s blog.

Dark Reading

Strengthening Zero-Trust Architecture

Organizations that want to stay ahead of cybercriminals will find that going beyond user trust and device trust is critical for outwitting their adversaries. The invention of the term “zero trust” is generally credited to former Forrester analyst John Kindervag more than a decade ago. Although it’s not new, the concept has received renewed interest …


What is deception technology

Deception technology, commonly referred to as cyber deception, is a category of security tools and techniques designed to detect and divert an attacker’s lateral movement once they are inside the network. Deception technology enables defenders to identify a wide variety of attack methods without relying on known signatures or pattern matching. The technology is known …


betanews

How the MITRE Shield can help organizations better address their adversaries [Q&A]

The MITRE ATT&CK framework is now used by many organizations to help them understand and counter threats. Less well known is the latest addition, MITRE Shield. [Beta News] spoke to Carolyn Crandall, chief deception officer and CMO at Attivo Networks, to find out more about how this can be used along with MITRE ATT&CK to …

