Cyber deception is the most effective way to identify threat actors in any organization’s network. CounterCraft delivers actionable threat intelligence across industries.
-
A BPFDoor Compromise | Founder Chat
The founders of CounterCraft talk about the BPFDoor compromise and walk through it step by step. Watch the video now.
-
Categories: Threat Intelligence
Active exploitation of Apache CouchDB CVE-2022-24706
-
MITRE Engenuity ATT&CK® Evaluations for Deception
MITRE Engenuity ATT&CK Evaluations for deception offer a way to understand the capabilities of different cyber deception vendors. Read on for more details about the recent MITRE Engenuity ATT&CK Evaluations for Deception.
-
Categories: Threat Intelligence
A Step-by-step BPFDoor Compromise
During the last few days there have been many articles describing BPFDoor, a UNIX backdoor allegedly used by Chinese threat actors. BPFDoor is a smart backdoor that does not need to open additional ports when the attacker wants to connect to the compromised host. It is able to hijack current open ports, sniff the traffic,…
-
The Threat Intelligence Lifecycle 2.0
Generic threat intel wastes a lot of time. As technology evolves, so does the threat actor. Threats and techniques change on a daily basis, making the job of the cyber defender incredibly difficult. Our approach to threat intel is the use of deception technology to collect real-time threat intel specific to your environment. This is…
-
Detecting malicious artifacts using an ETW consumer in kernel mode
Post-exploitation tooling is becoming increasingly sophisticated and often evades detection by EDRs, meaning sometimes we will not be able to detect when an attacker is able to load their code into memory. Here’s a way to detect artifacts that are already loaded in memory, from the kernel and in real time.