endpoint security: amplified


Nenad Kreculj

Recent Posts

NotPetya, Petya, its cousins, and What You Should Know About the Impact on Your Endpoints

A few days ago, NotPetya came into our purview, and left enterprises globally with many questions.


Topics: CounterTack, Ransomware, Petya, NotPetya, advanced attacks

CounterTack’s Ransomware Protect Organizations Against WannaCry

The WannaCry ransomware started to hit companies worldwide this past Friday, setting off a wave of panic about what to do about it. The reality is this attack will continue to proliferate, and it will likely continue to command attention from CISOs to the boardroom to the media for the upcoming weeks. The attack was first reported to have started to hit companies in Europe and Asia this past Friday, and to date it has hit over 200,000 systems in 150 countries.


Topics: Zero-day Attack, Ransomware, wannacry, ransomware virus, ransomware attacks, ransomware protection

Your Ransomware attacks Choices: The Bad, The Ugly and The Mean

You can’t read the news these days without being blasted with yet another Ransomware story. Almost daily, there seems to be a new variant, a new name, and inevitably, new victims. The rise of Ransomware attacks shouldn’t come as a surprise, since its execution is quite simple and the demands on the victims are not onerous.

Ransomware is not like an APT (Advanced Persistent Threat) - there is no need for long-term stealth operation, no need to explore the victim’s networks and resources, no need to steal credentials and no need to quietly and patiently exfiltrate sensitive data. With Ransomware, an exploit kit opens the door, and BANG, there it is, your PC is displaying a ransom note with detailed instructions on how to pay.

Topics: Cyber Attack, APT, Ransomware

Attacker Lateral Movement: Visualize Infiltration and Treat as Behaviors

In the game of whack-a-mole, the player’s objective is to hit a target that keeps popping up in different places. It’s a fun game that exercises one’s reflexes and motor skills.

Unfortunately, similar games are played every day in security operations centers across many organizations, irrespective of their size, and there they are not fun. What makes it hard for the incident responders is the movement of the adversary – hopping from one endpoint to another, from one workstation to another. This is called lateral movement. There are many reasons why attackers move laterally – they do so to establish another persistence point in the network (the so-called “beachhead”), to steal data from a server, and sometimes to prepare the workstation for the next phase of attack (network enumeration or credential stealing, for example).


Topics: endpoint security, endpoint security solutions

The Thin Line Between the Insider and the Outsider

Two very recent defining events are helping the industry see the bigger picture of the state of cybersecurity: the Verizon Business’ DBIR report and the RSA conference. Both the report and the conference reinforce the fact that cybersecurity has now reached boardroom level.

This year, yet again, one common denominator between the two was the message that organizations now do understand that being attacked is not a matter of “if” but “when”. That awakening is good news.


Topics: endpoint security, RSA Conference 2015, Verizon DBIR Report

Exposing Attacker Activity

This video post is one in a series of technical blog posts examining various attack scenarios through video simulations of CounterTack’s Event Horizon platform. Today, CounterTack’s Nenad Kreculj exposes some tactics cyber attackers use to hide their actions.


Topics: Cyber Security, Cyber attack intelligence, virtual machine introspection, Event Horizon

How Hackers Hide Their Tracks: Part 1

This is the first in a series of technical blog posts examining various attack scenarios through video simulations of CounterTack’s Event Horizon platform.


Topics: APT, virtual machine introspection, Detecting in-progress attack, Event Horizon
