A water authority conducted Red Team exercises simulating a physical breach whereby the team gained access to the network via a physical connection at a control panel at two of the unmanaged locations. The result was a success with PacketViper protecting the critical operations network, blocking the attacker’s ability to further penetrate the network while alerting operators of the attack.
PacketViper today announced that it has been named a manufacturer on the Information Technology Enterprise Solutions – Software 2 (ITES-SW2) contract for the U.S. Army Computer CHESS. This contract is held by Carahsoft Technology Corp.
Operational technology (OT) networks are becoming more connected to IT environments. As such, the once dependable ‘air gap’ protection between IT and OT no longer exists. This creates cyber risk that can result in substantial financial losses, the disruption of essential services, and possibly affect national security and public welfare. For organizations relying on OT, … Continue reading >>>
Ransomware is on the rise and the increasing convergence of information technology (IT) and operational technology (OT) networks creates new pathways for attackers into coveted OT environments. As connected OT networks become more accessible to threat actors of all motivations, security teams need to look at more pragmatic ways to harden OT security without the … Continue reading >>>
How can you transform threat hunting? Consider this home security scenario: Imagine you have a choice of two home security systems: The first one only alerts you about intruders after they have broken into your house. The second one works when the threat is on your front lawn and keeps it away. Which do you … Continue reading >>>
Distributed denial of service (DDoS) attacks are on the rise. According to the Nexusguard Q2 2020 Threat Report, overall DDoS attacks increased by 515% year over year. And ‘bit-and-piece’ style attacks were up 570% compared to the same period last year. So how can you deceive bit-and-piece DDoS threats? This is a challenge, especially now, … Continue reading >>>
Heightened geopolitical tensions led to a recent warning from CISA on strengthening cyber defenses in anticipation of increased nation-state cyber attacks. While we know the specific nation-states we are most concerned with, targeting defenses against them is tricky. Attackers have abundant resources to wage dynamic, persistent attacks. Unfortunately, common cyber defense solutions are typically … Continue reading >>>
Much like the boiling frog fable, this change to our networks has happened very gradually to the point where we just accept it as normal. It’s time for a paradigm shift. It’s time for EDoS to take its place next to DDoS and DoS as things to be fought against and defeated.
Is your organization looking for a way to protect against a vendor-related breach? Do you want to enforce policies around how your vendors behave on your network? Read this blog to learn how.
This blog takes a look at crypto mining from a networking perspective. Fundamentally, crypto mining is a very long-lived TCP connection between a client and a server. The ports and protocol can vary, and the TCP communication can be encrypted. Discover how to prevent the worm from completing its crypto mining task.
Three unique use cases build a business case for deception technology as we mark the start of National Cyber Security Awareness Month (NCSAM).
A lot of CISOs look to the National Institute of Standards and Technology (NIST) and ISO for third-party validation of appropriate security controls and security program approaches. In this blog, read how NIST recommends Deception for protecting critical programs and high-value assets.
Don Gray recaps the Gartner® Security and Risk Management Summit 2019 commenting on three key points: deception prominently referenced in the keynote presentation, 7 imperatives of CARTA, and DevSecOps.
Internal and external cyber deception technology together is not your traditional approach to deception, nor to security in general. Since the days of honeypots, cybersecurity experts have utilized deception as a way to protect the network interior. Threat detection at the network perimeter, on the other hand, has seemingly been the role of firewalls. Read More…
Whatever you call the front, the ability to stop the enemy where you first face them is vital. A paired approach of deception both externally and internally represents a tremendous opportunity to reduce attack vectors and strengthen overall cyber defense.
Be our guest at RSAC 2019. Register with our special code to gain entrance to the RSAC Expo arena. Visit the large halls at the Moscone but also come visit us at the Early Stage Expo in the Marriott just down the street from the conference.
Successful adoption of cyber deception as an impactful security tool, and more than just another data generating detection solution, demands avoidance of these four common delusions. .
There are plenty of news articles claiming botnets and zombie computers are taking over the world. While I do not necessarily agree with the allegation, I believe whole heartedly botnets are the driving force of all attacks. Botnet risk is at it’s all time high. By hook or by crook, the first goal for any attacker … Continue reading >>>
Vendor Risk is a relatively new anomaly. I sometimes wonder how we ever got through the 90’s. It seems like only a few years ago when vendors received a key, code, or swipe card to come through the front door of our buildings whenever they liked. We trusted them to do their job once inside. I … Continue reading >>>
Over the past several weeks I have been practicing what I preach about password protection. I changed all my passwords to each of my online accounts to a unique password with a minimum of 20 random characters. I thought this would be a fairly simple thing to do. I decided on a common password manager, … Continue reading >>>
It’s budget season. For enterprise cybersecurity teams that means getting ready to ask for more. In most cases, not enough, but definitely more budget to find the needles in the haystacks. And most likely, more of the same stuff you already have. Far too many cybersecurity leaders are going to ask their executive teams for drastically … Continue reading >>>
Threat Intelligence has gotten a lot of attention in the last few years. What is it? Who understands it? Is it actionable? Plus think about the substantial investment for security organizations to create such a perishable good and then actually using it to protect a network can be complicated. Don’t forget the numerous reports about … Continue reading >>>
Shifts in the current cybersecurity service provider market somewhat resemble an episode of the infamous game show Wheel of Fortune, where contestants purchase letters to capitalize and prosper on the show. We’ve seen Managed Service Providers (MSPs) “buy an S”, or invest heavily in their businesses in order to become a Managed Security Service Provider … Continue reading >>>
In today’s society, when someone speaks of a “hacker”, we automatically assume that the person was trying to do something illegal and perform a major scam or breach into a network. The term “hacker” stirs up controversy among organizations and leaves a sore-spot with many. What if there was a solution… Are there good hackers today? If you answered “YES”, then you answered correctly.
Thinking you have to allow every connection to every open network port. Thinking because you have a VPN portal it’s secure. Thinking your a IDS isn’t based on variables on the past, and can predict the future. Thinking you won’t be chasing your tail over and over on false positives, and will not become jaded. … Continue reading >>>
As I read through articles on the latest security threats, breaches, door opening exploits, and vulnerabilities that left doors opened. I Ironically see a firewall ad next to the security article saying ‘The Complete Firewall Solution, Get Total Visibility Into Your Security”. The article in Reuters explained how many security systems found they were susceptible … Continue reading >>>
It takes an army of security professionals today to identify, isolate, track, and eliminate security threats, and breaches. The convolution within network security, in my opinion, has reached irresponsible levels. The days of the past where anomalies were quickly squashed by the network staff on hand is over from what I’m reading. It always seems … Continue reading >>>
The Problem The overwhelming volume of global IP traffic hitting networks today creates a crushing amount of security alerts. Too frequently, many of these alerts go unchecked while the quantity of alerts increases daily. Additionally, security analyst teams are frequently understaffed and resources/expertise are scarce across the industry. Together this presents the biggest security challenge … Continue reading >>>
The ransomware that brought hospitals throughout England and Scotland to an operational standstill is a strain of WannaCry/WannaCrypt ransomware which contains a potent and dangerous payload called ExtendBlue. What if you could block the ransomware? ExtendBlue exploits Microsoft’s SMB protocol and gives it legs. ExtendBlue allows the attacker to discover new exploitable systems within the … Continue reading >>>
Financial Services Companies in the financial services sector possess highly sensitive data, and therefore cyber-attackers typically consider the time, effort and risk of attacking them to be well worth the potential reward. At the same time that financial services companies need to leverage technology advances to support customer demands, they also need to provide superior … Continue reading >>>