Deceptions Everywhere ®

Insights on threat and cyber risk trends, use cases for deception technology
and strategies for combatting targeted attacks

Stepping Up Cyber Defense for Wire Transfers: SWIFT CSCF Compliance

Posted by Guy Rosenthal on Dec 13, 2018 5:15:22 PM

The Society for Worldwide Interbank Financial Telecommunication, known as SWIFT, became a household name in 2016, when hackers breached Bangladesh Bank's SWIFT wire transfer system and made off with almost $81 million. More than a dozen other banks around the world were hit with similar cyberattacks. Although compromised wire transfer systems haven't made headlines lately, they're still happening—and starting to appear in the consumer world.

Read More


Rethinking Healthcare Cybersecurity: Focus on the Attacker, not the Attack

Posted by Ofer Israeli on Nov 12, 2018 11:30:50 AM

At a recent industry event, I got to chatting with the CISO of a major children’s hospital. Over a beer, he shared with me the challenges he faces daily. Our far-reaching conversation covered nation-state actors enticing students to exfiltrate clinical trial test results, to his search for a secure USB port cover for patient-facing devices. Maybe it was the beer, but as he described his tribulations, each to me worse than the next, his enthusiasm and energy grew. Every so often he stopped to shake his head in disbelief at his own story as if to say, “Even I can’t believe how bad this is…” 

Read More


3 Hidden Ways Your Privileged User Credentials May be Available to Cyberattackers

Posted by Revital Aronis & Dolev Ben Shushan on Oct 23, 2018 3:14:05 PM

Preventing the ability of attackers to perform lateral movement within your network is not only a threat detection function—it’s also a cyber hygiene function. In this blog, we’ll review some of the most common—and invisible—ways that privileged user credentials proliferate in enterprise networks. It’s well understood that domain admin or other high-powered credentials are gold to a cyberattacker. With “keys to the kingdom,” they can move easily and silently from one system to another, change domain attributes, add permissions, change passwords, and connect to any machine in the domain. Most organizations dedicate significant resources to careful management of Active Directory and use various technologies and practices to control access privileges. But our experience shows that even in the most diligent organizations, privileged user credentials are more accessible to attackers than you’d think.

Read More


Deception Platforms Noted as “High” Benefits Rating by Leading Industry Analyst Firm

Posted by Beth Ruck on Jul 31, 2018 3:04:35 PM

What a difference a year makes.

In 2018, we find deception platforms listed with a “High” Benefits Rating in Gartner’s Hype Cycle for Threat-Facing Technologies2018.

Read More


Digital Transformation Calls for Threat Detection Early in the Cyber Kill Chain

Posted by Beth Ruck on Jul 27, 2018 1:02:22 PM

It goes without saying that digital transformation—the reengineering of core business processes leveraging digital technology—dramatically increases cyber risk for most organizations. It usually results in greater avenues of connectivity, collection of richer data from more sources, use of cloud services, extension of trust to more people and entities, and incorporation of smart devices in one form or another.

Read More


Mitigating ATM Threats from the Inside Out

Posted by Beth Ruck on Jul 25, 2018 3:38:23 PM

 ATMs are literally boxes of cash—too good for criminals of any stripe to pass up. When ATMs first emerged, thieves used brute-force tools like crowbars, explosives, and propane torches to remove the ATM machine itself or get at the cash inside. As recently as April, three men were charged in Salt Lake City, UT, for trying to blow up ATMs and steal the cash. 

Read More


Stay up to date!