Blog  

Our blog is a playground with fresh ideas about security and our approach.

6 Jul

How Deception Technology Helps the Modern CISO

What makes deception technology a necessary part of a CISO’s overall security strategy? The simple answer is that it allows a CISO to address key pain points that are causing major operational challenges right now. It also provides valuable clarity to help keep leadership teams on-side. Let’s take a quick look at some of the key pain points:

- Monetary cost per incident
- Time to incident detection
- Time to incident close

23 Jun

From Telemetry to TTPs: a Sample Analysis of a Mining Linux Botnet, Using Cyber Deception

One of the main challenges when investigating an incident is being able to convert all the raw data (typically logs) that you can gather into TTPs (Tools, Techniques and Procedures), or even better, into operational information. By using deception techniques we have a significant advantage over other security tools because, in theory, all activity collected from any deception campaign should be malicious per se. That’s a great help when trying to find the needle in the haystack, but in reality it is not so easy, as any machine or cloud service is usually running many other agents, processes or cron tasks that add a lot of noise to the instrumentation.

17 Jun

CounterCraft raises $5 million in a funding round led by Adara Ventures, and joined by new investors eCAPITAL and Red Eléctrica Group

CounterCraft announced it has secured $5 million in funding. The investment will accelerate global growth as we focus on acquiring market share in the US with our cyber threat defense platform, following successful expansion across Europe and in the UK. David Barroso, CEO and Co-Founder, CounterCraft, said: “We are energised and delighted to announce concluding our latest funding round with a total of $5 million and to welcome eCAPITAL and Red Eléctrica Group to our list of specialized investor firms.

9 Jun

Are You Getting Value From Your Threat Intelligence Service?

Gartner has recently published the Market Guide for Security Threat Intelligence Product and Services by analysts Craig Lawson, Brad LaPorte, Ruggero Contu, John Collins and Mitchell Schneider, which provides end users with guidance on how to ensure that they are getting the best value from threat intelligence services. This excellent piece of research is extremely valuable for those that do not have a threat intelligence service and are currently looking at what potential options they may have.

1 Jun

Attack Trees in Deception Campaigns

The concept of attack trees or attack paths and how to increase the cost for the attacker in time and resources (not always monetary) has been discussed many times and it is still considered a good approach in any modern security strategy. Bruce Schneier explained the concept in the Dr. Dobb’s Journal in 1999. Leveraging an attack tree model is not only an important step towards formalizing our understanding of attacks, but also a means to understanding our defense.

27 May

How to Effectively Use MITRE ATT&CK and Deception Campaigns to Engage with Threat Actors

The growing popularity of MITRE ATT&CK is a good indication that finally, we have a common language to describe the tools, techniques and procedures (TTPs) that threat actors are using in their daily operations. At CounterCraft, we have been firm believers in MITRE ATT&CK; we first added support for the first versions of the ATT&CK Matrix in our Deception Director product at the end of 2018, and now we are rolling out all the new subtechniques.

18 May

Data Protection for the Healthcare Sector and Laboratories

In a post COVID-19 world the security landscape of many organisations has been radically realigned. In particular, the healthcare sector was facing significant challenges prior to the pandemic, so the current situation has only added to the security burdens they face. During the course of 2018-2019 the sector suffered a number of significant data breaches. The question most CISOs face is how they can radically improve the security controls in an environment where they, above all sectors, will probably face a greater number of attacks from a diverse range of threat actors.

7 May

Remote Access & VPN Risks in the New Cybersecurity Scenario

With most employees working from home amid today’s COVID-19 outbreak, VPN and remote access to enterprise resources have drastically increased. This is a huge challenge for the IT and security departments as many security experts believe that the current VPN deployments are designed for a small percentage of employees of the organizations and not for the overwhelming number of teleworkers who now need to access them repeatedly throughout the workday. Many of these users can be tempted out of VPN access due to the associated slowing down or dropping of the connection, or the availability of unpatched desktop and laptop computers, and other non compatible devices where no VPN client is available.

28 Apr

How to Use Cyber Deception Technology to Block Targeted Phishing Campaigns

In these uncertain times, CISOs are having to deal with an entirely new security profile for their organisations. The ability to control every security facet on end users’ machines has been loosened considerably. So, the challenge is: how can a CISO realign their security strategy to deal with the altered risk profile they face? Let’s use spear phishing as a simple example to illustrate the point of how old threats present a different challenge regarding the new operating environment.

16 Apr

Proactive cybersecurity during COVID-19 and beyond

We are currently in the midst of a global crisis produced by the coronavirus pandemic and the world as we know it will probably change. In times of crisis, cybersecurity is increasingly relevant and we need to pay extra attention to the rise in cybersecurity attacks perpetrated by different adversaries, such as cybercriminals or nation-state sponsored groups, as they look to capitalise on the situation. All verticals are affected, but the manufacturing, pharmaceutical, travel, healthcare, and insurance industries now seem to be the main target.
