Deceptions Everywhere ®

Insights on threat and cyber risk trends, use cases for deception technology
and strategies for combatting targeted attacks

Where You Can't Prevent, Preempt—by Stopping the Spread of Credentials

Posted by Gil Shulman on Apr 10, 2018 10:56:38 AM

With cyber risk an executive- and board-level concern, it's not enough to try to prevent attackers from gaining entry to your network. Advanced, persistent attackers can still get through even the most advanced defenses. Once they're in, they have the arduous task of moving from their initial point of entry to their ultimate target. This is the time when attackers are most vulnerable—and where we, as defenders, have an opportunity to tip the balance in our favor.

Read More


Our View on US CERT TA18-074A: A Critical, Missing Capability to Protect Critical Infrastructure from Targeted Attacks

Posted by Ofer Israeli on Mar 22, 2018 11:03:39 AM

On March 15, 2018, US CERT (U.S. Computer Emergency Readiness Team) issued a Technical Alert about “Russian government cyber actors” conducting a concerted cyberattack campaign against energy companies. Specifically, they gained access through small organizations connected to the target companies and then “conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems (ICS).”

Read More


MoneyTaker: A Simple Step to Avoid Being the Next APT Target

Posted by Matan Kubovsky on Dec 13, 2017 3:16:22 PM

The threat news of the week is about MoneyTaker – a cybercrime group apparently responsible for theft of over $10M from 18 banks in the US and Russia. If you’ve read any of the online accounts, it’s easy to be overwhelmed by the details and the growing sophistication of cybercrime groups. While it’s important not to downplay their fierceness and the growing risks associated with advanced persistent threats, it’s also important to focus on the relatively simple capability organizations can embrace to combat them.

Read More


By Detecting Lateral Movements, Banks Can Get Ahead of Fraud and APTs

Posted by Matan Kubovsky on Aug 21, 2017 11:08:09 AM

In 2016, the wire transfer fraud attack on Bangladesh Bank commanded huge headlines and resulted in cyber criminals stealing a whopping $81 million. It could have been worse; the massive “take” was interrupted not by IT security technologies, but by human vigilance. A watchful employee saw a spelling error in a transfer message and alerted an investigation team.

Read More


Capture the Flag: Put Us to the Test Against an Advanced Persistent Threat

Posted by Nir Greenberg on Jul 13, 2017 5:25:36 AM

Cybersecurity is in the headlines as never before, commanding greater executive attention. As the need for cybersecurity solutions has grown, record numbers of new technologies have emerged to fill the demand. But despite growing cyber spending, budgets for most organizations are finite—and so are the human resources to support and maintain the vast range of security tools they already own. It’s therefore essential to carefully scrutinize vendor offerings before signing on the dotted line.

Read More


SANS Institute on illusive Solution: A Game-Changer

Posted by Maureen McCormick on Apr 27, 2017 2:48:37 PM

Growing awareness of illusive networks Deceptions Everywhere™ technology recently led SANS Fellow, Dr. Eric Cole, to test our solution. Not only did he aim to successfully deceive an attacker, he also evaluated illusive’s scalability, manageability, and believability. The results of his (unsuccessful) efforts to attack a network and escape detection are contained in a new SANS Product Review - Deception Matters: Slowing the Adversary with illusive networks.

Read More


Stay up to date!