The latest in cybersecurity and deception technology.

Visit CounterCraft This Month: RSA, Gartner and more

CounterCraft is excited to announce that we will be attending conferences across the United States and Europe this month. In the United States, you can find us at RSA, Gartner, and HxGN LIVE Global 2022.

What We're Reading

The news of this month includes some fascinating threat intel discoveries as well as talking about some of our favorite tools, like MITRE Engage. Read on to find out what our team is talking about this month.

Active exploitation of Apache CouchDB CVE-2022-24706

On April 26, 2022, Apache officially issued a risk notice or Apache CouchDB remote code execution vulnerability, giving it the vulnerability number CVE-2022-24706 and a severity level of critical.

MITRE Engenuity ATT&CK® Evaluations for Deception

Providers of non-detection-oriented security solutions need objective, transparent methodologies to evaluate and frame their value propositions. This need was the driver behind the launch of MITRE Engenuity ATT&CK® Evaluations Trials, an exploratory new program designed to help niche solutions providers realistically describe their strengths in defending against known adversary behavior.

A Step-by-step BPFDoor Compromise

During the last few days there have been many articles describing BPFDoor, a UNIX backdoor allegedly used by Chinese threat actors. BPFDoor is a smart backdoor that does not need to open additional ports when the attacker wants to connect to the compromised host.