Cyber deception is the most effective way to identify threat actors in any organization’s network. CounterCraft delivers actionable threat intelligence across industries.
-
A Step-by-Step CVE-2021-26084 Compromise
We have described different payloads that we were observing related to the exploitation of CVE-2021-26084. The majority of the incidents were trying to install cryptominers. Read on as we describe a successful exploit that installs a cryptominer (XMRig), and see how quickly a normal server connected to the Internet can be used for mining…
-
Shellcode Detection Using Real-Time Kernel Monitoring
A look at how to use real-time kernel monitoring for shellcode detection. Alonso Candado discusses the challenges faced when trying to detect shellcode at runtime, using the examples of hooking syscalls via the hypervisor EPT feature and detecting shellcode from a kernel callback.
-
Classifying Internet Noise | Founder Chat
The founders of CounterCraft talk about the threat actors they are finding and classifying among internet noise using deception machines. Watch the video.
-
Categories: Threat Intelligence
Internet Noise: Threat Actor CC0630
Using our deception technology, we have detected several new threat actors in the wild, some of which we will be sharing weekly, right here. This is a series of posts in which we will describe the IOCs and TTPs of different threat actors we have uncovered, so be sure to check back or follow us…
-
Categories: Threat Intelligence
Internet Noise: Threat Actor CC0629
Using our deception technology, we have detected several new threat actors in the wild, some of which we will be sharing weekly, right here. This is a series of posts in which we will describe the IOCs and TTPs of different threat actors we have uncovered, so be sure to check back or follow us…
-
Categories: Threat Intelligence
MITRE Shield is Dead, Long Live MITRE Engage
MITRE Engage replaces the MITRE Shield knowledge base, focusing on the areas of denial, deception, and adversary engagement. Engage is wholly focused on strategic planning and analysis within the framework of denial, deception, and adversary engagement, in an effort to create more meaningful results from the MITRE knowledge base.