Deceptions Everywhere ®

Insights on threat and cyber risk trends, use cases for deception technology and strategies for combatting targeted attacks

Next-Gen Deception Technology: Moving Beyond Honeypots

Is it time for the proverbial “Honeypots are Dead” Post?

Returning from Black Hat earlier this month, I couldn’t help but reflect on how honeypots were still the first thing that came to mind when many attendees heard the word “deception.” It’s true that when deception technology first emerged years ago, honeypots were the most analogous technology to describe the way deception worked, in that a honeypot tries to trick an attacker into interacting with it. However, deception has come a long way since honeypots materialized in the 1990s and were first commercialized in the 2000s. Call the new generation of deception technology what you will, just don't call it a honeypot. Read More

Attackers Like Credentials More Than Exploit Kits, IAM & PAM

You're vulnerable. And cyber attackers know it. Read More

A Deception Technologist’s View of Cloud Security

As I sat down to write this post, I couldn’t help amusing myself with yet another corny “cloud” analogy: The potential for lateral movement between different parts of the extended corporate ecosystem is a bit like all the different types of lightening there are. If, besides being a tech geek, you are also a weather geek, you can read about lighting here. Among other things, this site explains that “Anvil Crawlers are horizontal tree-like, in-cloud lightning discharges whose leader propagation is slow enough… that a human observer… can see its rapid motion across the sky.” Where cloud security is concerned, Illusive’s aim is to make malicious lateral movement to, from, and between clouds slow and visible to the human eye—so that security teams can stop cyberattacks before a successful strike. Read More

LockerGoga Attack Underscore The Need for Cyber Hygiene

Spring is here, and with it comes news of a new and vicious ransomware attack, known as LockerGoga. Read More

Attackers Use Privileged Credentials in Domain Persistence

The top risk cyberattackers face is the risk of getting caught. But executing an attack is typically a labor-intensive process. Attackers also worry that the access they’ve worked so hard to establish might suddenly get cut off if a password gets changed or an account they’re using is retired or removed from the domain. Read More

Illusive Networks Completes Its 100th Software Release

On February 13th, we broke out the hats and balloons (read: hummus and beer) to celebrate Illusive’s 100th software sprint. For 100 releases now, we’ve been helping our customers—hundreds of organizations across industries—revolutionize their ability to stop advanced cyberattackers. Read More

Vulnerability Management: 3 Issues in Prioritizing Patching

Let’s tackle a familiar, yet daunting problem for vulnerability management (VM) teams: The patching “to-do” list in most organizations is so long that having some way to prioritize patching of networked endpoints, servers and other assets is essential for limiting exposure to cyberattacks. Read More

Increase Security: Go Beyond HIPAA Compliance Requirements

 

HIPAA Compliance—Cyberattackers Aren’t Fazed

In spite of longstanding HIPAA compliance requirements, and the billions of dollars being invested to ensure HIPAA compliance, it seems that cyberthreats and attackers aren't fazed. Healthcare suffered from some of the largest breaches ever reported in 2015. The breach at Anthem compromised 78.8 million records, and two additional breaches exposed more than 10 million records each1. The following year, 2016, saw the highest number of breaches with 327 reported. The number of breaches in 2017 surpassed 2016, with more than 342 reported. While the number of breaches grew, the number of compromised records dropped from 112 million in 2016 to a little more than 14 million in 2017. Read More

Increase Cybersecurity During Mergers And Acquisitions

More than $2.5 trillion in mergers were announced in the first half of 2018[1]a new record. Ranked by value of the deal, energy and power deals led, followed by media and entertainment, with healthcare and industrials close behind. Industries are converging and organizations are using acquisitions, divestitures, and other forms of asset remix to reposition their businesses. For example, there are numerous mergers among pharmaceutical, life sciences, and biotech companies as they seek to gain traction in a highly fragmented market. EY predicts that the total value of life sciences M&A will surpass $200 billion in 2018. According to Deloitte, technology acquisition is the primary driver of M&A pursuits, ahead of expanding customer bases in existing markets, and adding products or services[3]. Read More

3 Ways Privileged Credentials Are Available to Cyberattacker

Preventing the ability of attackers to perform lateral movement within your network is not only a threat detection function—it’s also a cyber hygiene function. In this blog, we’ll review some of the most common—and invisible—ways that privileged user credentials proliferate in enterprise networks. It’s well understood that domain admin or other high-powered credentials are gold to a cyberattacker. With “keys to the kingdom,” they can move easily and silently from one system to another, change domain attributes, add permissions, change passwords, and connect to any machine in the domain. Most organizations dedicate significant resources to careful management of Active Directory and use various technologies and practices to control access privileges. But our experience shows that even in the most diligent organizations, privileged user credentials are more accessible to attackers than you’d think. Read More