Deceptions Everywhere ®

Insights on threat and cyber risk trends, use cases for deception technology
and strategies for combatting targeted attacks

Protecting Growing Healthcare Organizations from Advanced Attackers

Posted by Beth Ruck on Mar 12, 2018 11:10:59 AM

Digitization and digital transformation in healthcare are delivering amazing advances in everything from diagnostic imaging and patient monitoring to medication safety, insurance claims processing, medical devices, and genetic research. As healthcare organizations reap significant benefits from innovation, they also must protect themselves and their patients from cyber attackers who develop increasingly sophisticated attack tools and methodologies.

Read More


The History of Deception Technology: Applying Ancient Tactics to Counter Cyber Security Threats

Posted by Beth Ruck on Feb 5, 2018 9:21:39 AM

What do enterprise security teams have in common with Hannibal at the Battle of Cannae in 216 B.C.? A lot. Both face an onslaught of adversaries. Both have valuable reputations and territory (or markets) at stake. And both need a way to outdistance enemies by enlisting new tactics. With today’s cyberattacks, yesterday’s approaches are not enough. As it did for Hannibal, deception offers a way to turn attackers’ own methods against them. The history of deception shows that weapons and tactics might change, but the ability to make an adversary act on something that isn’t real offers modern enterprise defenders a new arsenal of tools.

Read More


Cyber Attacks Continue to Target SWIFT: The Globex Bank Incident Reminds Us of Urgent Actions to Prevent Fraud Losses

Posted by Matan Kubovsky on Dec 22, 2017 5:22:45 PM

As 2017 comes to a close, the string of recent attacks on SWIFT and other financial messaging systems are emerging as one of the main threat trends. News has just surfaced of another such attack – this time impacting Globex Bank in Russia, which took place on December 15th. Attackers apparently attempted to steal almost $1M by manipulating international transfer requests through the systems within the bank that connect to the SWIFT messaging service. 

Read More


Case Study: Deception Catches an Insider Threat

Posted by Hadar Yudovich on Dec 21, 2017 4:16:21 AM

People usually associate “advanced persistent threat” (APT) with malicious outsiders—nation-state or other sophisticated attackers. Generally, once an APT attacker has established an initial foothold, they conduct “low-and-slow”-style attacks involving a prolonged period of reconnaissance and lateral movement. Insider threats are usually thought of as intentional (or sometimes accidental) acts of data theft or other compromise committed by trusted users who know their way around and have legitimate, open access to sensitive assets.

Read More


MoneyTaker: A Simple Step to Avoid Being the Next APT Target

Posted by Matan Kubovsky on Dec 13, 2017 3:16:22 PM

The threat news of the week is about MoneyTaker – a cybercrime group apparently responsible for theft of over $10M from 18 banks in the US and Russia. If you’ve read any of the online accounts, it’s easy to be overwhelmed by the details and the growing sophistication of cybercrime groups. While it’s important not to downplay their fierceness and the growing risks associated with advanced persistent threats, it’s also important to focus on the relatively simple capability organizations can embrace to combat them.

Read More


From Honeypots to Endpoint-Based Deception: Deception Becomes a Cybersecurity “Must-Have”

Posted by Beth Ruck on Dec 7, 2017 8:22:48 AM

It goes without saying that rigorous security controls are irreplaceable. But no matter how strong an organization’s cybersecurity defenses are, determined attackers will still get in. Whether malicious insiders or external actors, persistent attackers fly below the radar and reside for months inside a network. They’re patient, studying the infrastructure and carefully planning their attack because what they’re typically after are the crown jewels of your business: essential data volumes, intellectual property, financial transactions, or revenue-dependent business operations.

Read More


Stay up to date!