Introduction:
As detection mechanisms grow more sophisticated, malware developers try new
methods to evade. Recently, there has been a growing trend to exfiltrate data
and issue commands to malware via the DNS protocol.
DNS Command & Control and DNS exfiltration can be successful because DNS is …
READ MORE
Security spending is on the rise and prioritized over other IT investments
for 2018. A recent Tech Pro Research survey revealed 53 percent of
respondents said security will be a top priority in their overall 2018
budget, which 39 percent expect to increase from 1-10 percent over 2017.1
These inc …
READ MORE
By now we are all aware of the commotion that ensued behind the scenes of the
opening ceremonies of the Pyeongchang Olympics. Organizers have indeed
confirmed an attack on non-critical computer systems. For approximately 12
hours on Friday the Olympic networks were down due to the attacks. WiFi
…
READ MORE
Introduction:
Recent research conducted by our threat research team has identified a new
method of covert channel data exchange using a well-known and widely
implemented public key certificates standard (X.509) utilized in both TLS and
SSL cryptographic internet protocol implementations. While c …
READ MORE
Intelligent deception technology exploits the need of an attacker to discover
as much as they can about where they are in the organization’s network
immediately post compromise. This is a process not a single event.
We have covered active directory and credential breadcrumbs,and file and
data …
READ MORE
Cyber attacks are not single events, they’re processes. When attackers
first access a network or endpoint, they don’t know where they are. So they
carefully try to find out as much as possible about the organization. This is
precisely the behavior that intelligent deception technology can exp …
READ MORE
Cyber attacks are processes that compromise, spread and exploit multiple
systems across an organization. They’re not single events. When attackers
compromise an asset, they don’t know which asset is infected; they must
determine where they are in the network, the network structure and where t …
READ MORE
To attract attackers, decoys are made to resemble the target systems as
closely as possible. They have the look and feel of systems that an attacker
seeks. Intelligent deception solutions actively lure attackers to the decoys
once they have penetrated the perimeter. These lures, or breadcrumbs, e …
READ MORE
This report, conducted by SC Media and sponsored Fidelis asked security
leaders, decision makers and influencers what they were most concerned about,
what their C-Suite was most concerned about, and what they’re doing (or
planning to do) about it. As we start off 2018 it is clear that cybersecu …
READ MORE