MITRE

Building a Cyber Deception Maturity Model Roundtable, moderated by MITRE

Participants: MITRE: Gabby Raymond  | Attivo Networks: Tony Cole, Kevin Hiltpold  | UAlbany: Professor Sanjay Goel, Dominick Foti  | CounterCraft: Richard Barrell Join the conversation on building a cyber deception maturity model. Listen to roundtable participants from Attivo Networks, CounterCraft, University of Albany, and MITRE as they discuss why organizations need a cyber deception maturity …

Building a Cyber Deception Maturity Model Roundtable, moderated by MITRE Read More »

Cyber Deception Day “Take Back the Advantage” live broadcast hosted by Deceptive Defense, MITRE and SANS

Background April 1st  is celebrated as April Fools’ Day in many countries around the world.  While accounts differ as to the origin of the day, the first day of April is often an opportunity to play pranks or practical jokes on friends, family, and loved ones.  This tradition is a perfect opportunity to ensure our …

Cyber Deception Day “Take Back the Advantage” live broadcast hosted by Deceptive Defense, MITRE and SANS Read More »

Leveraging MITRE Shield to Defend Against Ransomware

Leave a Comment / Blogs, Ransomware / By / October 6, 2021

Written by: Joseph R. Salazar, CISSP, CEH, EnCE – Ransomware attacks have evolved and grown in number.  Traditional ransomware sought to spread and encrypt as many endpoints as possible, but Ransomware 2.0 attacks employ advanced methods or have a human controller directing their activities. These attacks spend much more time conducting discovery to identify business-critical assets for encryption. Because these assets are essential for business continuity and daily operations, the organization is more likely to pay to recover them instead of spending the money on endpoint systems they could re-image and recover.  Attackers encrypting the entire Active Directory server infrastructure can demand much higher ransoms, and the organization must pay or else lose money, time, and resource attempting to restore operations. Additionally, these attackers often exfiltrate data and threaten to release it to induce ransom payment, often demanding a second ransom to prevent the release of the information.

It wire logo

Preventing The Next SolarWinds Attack Requires A Different Approach

Leave a Comment / Attivo News / By / April 6, 2022

By Jim Cook, ANZ Regional Director, Attivo Networks. When the global SolarWinds cyberattack came to light earlier this year, it sparked grave concerns across private and public-sector organisations. If attackers could use software from a trusted vendor to breach defences, how could security ever be guaranteed again? In the wake of the attack, both governments …

Preventing The Next SolarWinds Attack Requires A Different Approach Read More »

Stopping the Next SolarWinds Requires Doing Something Different

Leave a Comment / Attivo News / By / April 20, 2022

By Tony Cole, CTO, Attivo Networks Will the SolarWinds breach finally prompt the right legislative and regulatory actions on a broader, more effective scale? The SolarWinds breach is not the first major supply chain breach, but previous similar breaches failed to prompt effective regulatory action. Both governments and businesses remain focused on things like cyber …

Stopping the Next SolarWinds Requires Doing Something Different Read More »

What Texas Power Outages Can Teach Us About Securing the Electric Grid

Leave a Comment / Attivo News / By / April 20, 2022

By Tony Cole, CTO, Attivo Networks Uncharacteristic winter weather recently sent the Texas power grid into overdrive, resulting in mass outages. Unfortunately, inclement weather isn’t the only threat facing utility companies: Cyber threats have the potential to impact the power grid in a similarly serious manner. The pandemic has compounded existing risks, driving utilities’ digital transformation …

What Texas Power Outages Can Teach Us About Securing the Electric Grid Read More »

Attivo Networks’® EDN Solution Integrates with SentinelOne Singularity XDR to Deliver Protection Against Credential-Based Attacks

Leave a Comment / Partner, Press Release / By / April 27, 2021

Integration couples unparalleled endpoint security with Active Directory protection, credential theft detection and credential exposure prevention FREMONT, Calif. – April 27, 2021 – Attivo Networks®, the industry experts in lateral movement attack detection and privilege escalation prevention, announced today a new integration for the Attivo EDN Suite with SentinelOne’s Singularity XDR platform. With an uptick …

Attivo Networks’® EDN Solution Integrates with SentinelOne Singularity XDR to Deliver Protection Against Credential-Based Attacks Read More »

Hafnium Microsoft Hack– Active Exploitation of Microsoft Exchange and Lateral Movement

Leave a Comment / Active Directory, Blogs, Cloud, Endpoint Protection, Event, ThreatPath / By / March 15, 2021

Written by the Attivo Research Team – Contributing members: Gorang Joshi, Anil Gupta, Saravanan Mohan – Microsoft and Volexity have confirmed the active exploitation of vulnerabilities published by Microsoft in Exchange Server. Security research has attributed the exploitation to the Advanced Persistent Threat group known as Hafnium operating out of China. After the initial compromise, Hafnium operators accessed email accounts and deployed web shells on the compromised servers, which they then used to steal data and expand the attack. Since enterprises deploy Outlook Web Access (OWA) on public networks, it enabled the group to compromise many organizations across a large set of industries, according to ThreatPost’s blog.

Dark Reading

Strengthening Zero-Trust Architecture

Leave a Comment / Attivo News / By / April 22, 2022

Organizations that want to stay ahead of cybercriminals will find that going beyond user trust and device trust is critical for outwitting their adversaries. The invention of the term “zero trust” is generally credited to former Forrester analyst John Kindervag more than a decade ago. Although it’s not new, the concept has received renewed interest …

Strengthening Zero-Trust Architecture Read More »

What is deception technology

Leave a Comment / Attivo News / By / April 22, 2022

Deception technology, commonly referred to as cyber deception, is a category of security tools and techniques designed to detect and divert an attacker’s lateral movement once they are inside the network. Deception technology enables defenders to identify a wide variety of attack methods without relying on known signatures or pattern matching. The technology is known …

What is deception technology Read More »

Scroll to Top