Illusive Joins CyberArk Marketplace

We’ve got some exciting news to share with you: we’ve just joined CyberArk Marketplace! As you may know, CyberArk offers the leading Privileged Access Management solution and is the only security software company focused on eliminating cyber threats that use insider privileges to attack an organization’s most critical assets and infrastructure. The CyberArk Marketplace delivers unprecedented simplicity and speed for security and IT operations teams to extend the benefits of securing privileged access across the enterprise – on-premises, in hybrid cloud environments, and throughout the DevOps pipeline.

Securing Identities Through Digital Transformation By Reducing The Attack Surface

The topic of accelerated (or forced) digital transformation has been top of mind during many of my recent discussions with customers. It comes as no surprise that human-operated campaigns, such as ransomware, quickly and enthusiastically adapted to the entire global workforce now operating remotely, forcing many organizations to modernize their cyber resiliency and security operations. From a more fundamental technology perspective, it may be a positive side benefit for organizations that had long-term, multi-year plans for digital transformation and are now embracing technology to enable their business.

Healthcare Under Cyberattack – Advanced Ransomware, IoMT Devices, and Data Breaches

Healthcare institutions are facing unprecedented threats. We’ve all been rocked with horror at the major cyberattacks on hospitals this past week. What’s scary about these types of attacks is that they can very quickly lead to lost lives, not just lost dollars.

Preventing Attackers From Turning a Cloud Ecosystem Into a Security Nightmare

One topic we’ve written about a lot on this blog is lateral movement, when attackers leverage existing credentials and connections to move from one machine to another within an environment. When you add cloud to the mix, however, there are so many changes - from new attack vectors to methodologies and prioritizations - that the phrase seems incomplete.

LockerGoga Attack Underscores The Need for Cyber Hygiene

Spring is here, and with it comes news of a new and vicious ransomware attack, known as LockerGoga.

Why Healthcare Cybersecurity Should Focus on the Attacker?

At a recent industry event, I got to chatting with the CISO of a major children’s hospital. Over a beer, he shared with me the challenges he faces daily. Our far-reaching conversation ranged from nation-state actors enticing students to exfiltrate clinical trial test results, to his search for a secure USB port cover for patient-facing devices. Maybe it was the beer, but as he described his tribulations, each to me worse than the next, his enthusiasm and energy grew. Every so often he stopped to shake his head in disbelief at his own story as if to say, “Even I can’t believe how bad this is…”

Preemptive Deception Prevents Malicious Lateral Movement

With cyber risk an executive- and board-level concern, it's not enough to try to prevent attackers from gaining entry to your network. Advanced, persistent attackers can still get through even the most advanced defenses. Once they're in, they have the arduous task of moving from their initial point of entry to their ultimate target. This is the time when attackers are most vulnerable—and where we, as defenders, have an opportunity to tip the balance in our favor.

US CERT TA18-074A & Use of Cyber Deception on Dragonfly

On March 15, 2018, US CERT (U.S. Computer Emergency Readiness Team) issued a Technical Alert about “Russian government cyber actors” conducting a concerted cyberattack campaign against energy companies. Specifically, they gained access through small organizations connected to the target companies and then “conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems (ICS).”

Prevent Cybercrime from The MoneyTaker Hacking Group

The threat news of the week is about MoneyTaker – a cybercrime group apparently responsible for theft of over $10M from 18 banks in the US and Russia. If you’ve read any of the online accounts, it’s easy to be overwhelmed by the details and the growing sophistication of cybercrime groups. While it’s important not to downplay their fierceness and the growing risks associated with advanced persistent threats, it’s also important to focus on the relatively simple capability organizations can embrace to combat them.

Banks Can Get Ahead of Fraud by Detecting Lateral Movements

In 2016, the wire transfer fraud attack on Bangladesh Bank commanded huge headlines and resulted in cyber criminals stealing a whopping $81 million. It could have been worse; the massive “take” was interrupted not by IT security technologies, but by human vigilance. A watchful employee saw a spelling error in a transfer message and alerted an investigation team.