Category: Blog

  • WannMine – Lateral Movement Techniques

    Acalvio Threat Research Labs. Introduction: Cryptomining is quickly becoming one of the greatest threats facing our industry. Similar to ransomware, it provides an easy avenue for a threat actor to monetize his/her skills. In one […]

  • Technical Analysis of Samsam Ransomware.

    Ransomware continues to represent the most critical threat facing organizations in 2018. In the latest breaches at Hancock Memorial Hospital, Adams Memorial Hospital, and Allscripts, SamSam ransomware was used to encrypt the files. In this blog, we dive into the technical details of the SamSam ransomware [1]. The blog then shares how the Samsam ransomware […]

  • Ransomware Command and Control Detection using Machine Learning

    Authors: Deepak Gujraniya, Mohammad Waseem, Balamurali AR, and Satnam Singh. Since the first attack in 1989 [1], ransomware attacks have gained popularity. In 2017 especially, they created havoc in every possible industry, including government offices, public-sector departments, and hospitals. Apart from the financial strain that ransomware can bring, it also affects everyday aspects […]

  • Lateral Movement analysis of Zealot Campaign and its detection by Distributed Deception Architecture.

    Acalvio Threat Research Labs. Web servers are becoming one of the entry vectors in breaches. In the last blog, I had shared the details of a deception-based architecture to prevent breaches involving a web server as an entry vector. In this blog, we take the Zealot campaign as a case study to show the effectiveness of deception […]

  • Deception Centric Architecture to prevent Breaches involving WebServer.

    Web servers are becoming one of the critical vectors exploited by threat actors to breach an organization. The breach at Equifax is one such example, affecting 143 million customers. In this breach, a threat actor was able to access the internal network and exfiltrate confidential data by exploiting a vulnerability in a Web […]

  • Beyond the Hype: AI in Information Security

    In the next few years, Artificial Intelligence (AI) will transform and expand as a decision engine across every enterprise business layer, from product development to operations to finance to sales. While internet giants like Google, Facebook, Microsoft and Salesforce are already embedding AI into their products, the Information Security (InfoSec) industry is also catching up […]

  • Lateral Movement of Emotet

    Acalvio Threat Research Labs. Introduction: Emotet is one of many information-stealer malware families that have been active in recent months. The initial delivery vector of the malware is a phishing campaign. The blogs by TrendMicro [1] and Microsoft [2] discuss the first-stage infection of the malware and share statistics on the global infection. Once […]

  • CSO Magazine Names ShadowPlex One of Best Security Products

    CSO Magazine has named Acalvio’s ShadowPlex as one of the best security products of the year. CSO specifically cites Acalvio’s ease of use and “unlimited deception assets without constant overhead or maintenance” as value-added features. You may read the entire review of ShadowPlex here. The reviewers performed hands-on evaluations of some of “the most […]

  • Technical White Paper : Using Deception to Detect Spreading Techniques

    The severity of any infection is multiplied when it employs a spreading technique. Ransomware, which has been one of the critical threats for quite some time, has been able to increase its effect by spreading to mapped and unmapped drives. In the recent past, threat actors have made use of remote code execution (such […]

  • Three Minutes Until the Apocalypse

    This blog covers three main topics: Three Key Questions Needing Answers Within Three Minutes When You Suspect a Breach; Using Deception and Endpoint Logs to Backtrack Command and Control; Improving SOC Triage Workflow with Prevention Failure Detection […]