Deceptions Everywhere ®

Insights on threat and cyber risk trends, use cases for deception technology
and strategies for combatting targeted attacks

Why Digital Forensics are Instrumental to Rapid Incident Response

Posted by Jason Silberman on Mar 14, 2019 5:20:26 PM

The practice of digital forensics in cybersecurity focuses on recovering and investigating artifacts found on devices to determine the nature of an incident or cyberattack.

Read More


Vulnerability Management: 3 Questions That Will Help Prioritize Patching

Posted by Jason Silberman on Feb 25, 2019 4:06:52 PM

Let’s tackle a familiar, yet daunting problem for vulnerability management (VM) teams: The patching “to-do” list in most organizations is so long that having some way to prioritize patching of networked endpoints, servers and other assets is essential for limiting exposure to cyberattacks.

Read More


Ponemon Report: How Security Teams Defend Against Post-Breach Attackers

Posted by Beth Ruck on Nov 15, 2018 9:57:52 AM

Moody's Cyber Risk Group: “Cyber becomes more and more important.”

On November 12, Moody’s announced its intent to start incorporating in its credit rating method the degree to which an organization faces risk of major impact from a cyberattack. This follows the news, back in February 2018, that the Securities and Exchange Commission issued additional guidance on its requirement that public companies must “inform investors about material cybersecurity risks and incidents,” even if they have not yet been the target of a cyberattack.  

Read More


Merger Mania: A Mega-Opportunity for Cyberattackers

Posted by Ofer Israeli on Nov 13, 2018 7:02:00 AM

More than $2.5 trillion in mergers were announced in the first half of 2018[1]a new record. Ranked by value of the deal, energy and power deals led, followed by media and entertainment, with healthcare and industrials close behind. Industries are converging and organizations are using acquisitions, divestitures, and other forms of asset remix to reposition their businesses. For example, there are numerous mergers among pharmaceutical, life sciences, and biotech companies as they seek to gain traction in a highly fragmented market. EY predicts that the total value of life sciences M&A will surpass $200 billion in 2018. According to Deloitte, technology acquisition is the primary driver of M&A pursuits, ahead of expanding customer bases in existing markets, and adding products or services[3].

Read More


Mitigating ATM Threats from the Inside Out

Posted by Beth Ruck on Jul 25, 2018 3:38:23 PM

 ATMs are literally boxes of cash—too good for criminals of any stripe to pass up. When ATMs first emerged, thieves used brute-force tools like crowbars, explosives, and propane torches to remove the ATM machine itself or get at the cash inside. As recently as April, three men were charged in Salt Lake City, UT, for trying to blow up ATMs and steal the cash. 

Read More


Our View on US CERT TA18-074A: A Critical, Missing Capability to Protect Critical Infrastructure from Targeted Attacks

Posted by Ofer Israeli on Mar 22, 2018 11:03:39 AM

On March 15, 2018, US CERT (U.S. Computer Emergency Readiness Team) issued a Technical Alert about “Russian government cyber actors” conducting a concerted cyberattack campaign against energy companies. Specifically, they gained access through small organizations connected to the target companies and then “conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems (ICS).”

Read More


Stay up to date!