About Us

WhiteSource Launched Spring4Shell Detect

WhiteSource Spring4Shell Detect, a free command-line interface (CLI) tool that swiftly searches projects for susceptible open-source libraries for CVE-2022-22965, also known as Spring4Shell, was released today by WhiteSource, a leader in application security. Spring4Shell is a remote code execution (RCE) vulnerability in Spring, one of the most widely used open-source Java frameworks today. While we are still learning about this vulnerability, its impact is anticipated to be comparable to that of Log4j, and it has a severity level of 9.8. WhiteSource’s free developer tool, which is currently accessible on GitHub, gives developers the exact path to direct and indirect dependencies, as well as the patched version, so they can fix them quickly.

Increasing the possibility of global prevalence and risks because of this zero-day vulnerability, WhiteSource advises companies to take the following steps to resolve and avoid future incidents:

  • Upgrade to the most recent version of Spring Framework if you have any vulnerable versions. Use tools like WhiteSource Renovate to update your libraries automatically with the most recent updates.
  • Inventory your whole program list to find all CVE-2022-22965 instances. WhiteSource’s free detection tool can help with this.
  • For each program in your environment, create a software bill of materials (SBOM). An SBOM gives you access to your whole software attack surface, including direct and indirect dependencies, and allows you to respond fast to vulnerability announcements.

The CEO at WhiteSource, Rami Sass, stated, “Organizations and security teams must approach Spring4Shell with the same attention and urgency they did with the recent Log4j vulnerability. This vulnerability highlights the importance of a proactive approach to software security and the need for more automated application security to be baked into the development lifecycle. Ensure you are handling your technical debt, and update.”

With over several downloads, WhiteSource Renovate automatically uploads prerequisites and has found and mitigated the Spring4Shell vulnerability for large numbers of businesses.

Blackcloak Launches New Deception Technology To Detect Cyberattacks On Executives And High-Profile Individuals

BlackCloak, Inc., the Concierge Cybersecurity & Privacy Protection Platform for Leaders and High-Profile People, introduced exclusive deception technology to detect attackers’ blatant tactics to compromise a member’s privacy, home networks, or personal devices.

BlackCloak’s deception technique, often known as a honeypot, deceives attackers into engaging with a service by replicating a real-world home network. The prospective data that is within cybercriminals’ reach will lure them. When an attack is identified, BlackCloak’s deception technology notifies the firm’s Security Operations Center (SOC), which can investigate and act before any damage is caused.

“Our members are increasingly exposed to sophisticated cyberattacks. Hackers are diversifying their preferred attack vectors beyond corporations and supply chain partners to include executives, high-net-worth individuals and high-profile individuals, many of whom have easily exploitable vulnerabilities in their personal digital lives. Advanced deception technology increases our ability to proactively detect, mitigate, and respond to threats before they manifest. It is the perfect complement to BlackCloak’s other concierge cybersecurity and privacy services,” said Dr. Chris Pierson, BlackCloak Founder & CEO.

BlackCloak’s deception engine, which has been operational with existing clients since earlier this year, has already detected malicious activities in  home environments. The first cybersecurity and privacy firm to bring enterprise-grade honeypot technology to clients is the leader in digital executive protection.

“BlackCloak’s design and implementation of deception technology into the personal lives of corporate executives further strengthens their concierge platform. The ability to know an adversary might be lurking inside the footprint of their digital home independent of other common controls is game changing,” said Bob Ackerman, Co-Founder of DataTribe.

BlackCloak is a digital executive protection leader with an aim to secure digital life. In order to accomplish this, the company is developing a comprehensive, SaaS-based cybersecurity and privacy platform with a concierge experience. BlackCloak helps real people protect their personal and corporate reputations, finances, and information by employing technology to secure their homes, gadgets, and internet presence. BlackCloak focuses on high-profile people who have limited time and a lot to lose. BlackCloak ensures that everything they do is seamless and discreet.

Points to consider before buying Deception Technology Solution

The COVID-19 pandemic has caused several cyberattacks in new and unexpected ways and on a massive scale. Especially, the sudden change of many industries to remote work or work from home provided an instantaneous advantage and opportunity to cybercriminals. In ransomware attacks on workforce connected to corporate resources from unsecured home networks and devices. Throughout 2020, these malicious actors tried to identify and exploit employees and they will continue it in 2021. Social engineering has been the starting point of the majority of ransomware attacks. Social engineering strategies, such as phishing can fool users into disclosing sensitive information. 

Deception technology helps companies to quickly create a fictitious IT network that deploys alluring decoys that prevent cybercriminals from identifying the traffic and resources used within the real network. This deceptive network is then effectively integrated into the current IT infrastructure in order to reveal itself to attackers. Deception technology takes into account the attacker’s view and strategy which is used to abuse and explore networks of information recognition and exfiltration.

Following points should be considered before buying Deception Technology-

  • Vendors must understand client’s goals and objectives when it comes to deception
  • Vendors should study and understand client’s current technological infrastructure
  • Deception solution be built to understand attacker techniques, tactics and methods
  • Deception solution should be designed by incorporating the identified goals, technology and attacker tactics
  • Deception solution implemented should be reviewed and updated regularly to address new technology changes and objectives

Companies need to check that the deception solution covers all from endpoint to complex cloud environment for maximum protection. In addition, what kind of disappointment lures vendor provides. An ideal solution provides IT network, server, database, endpoint, applications, cloud and OT decoys, some vendors offer only a number of them. Companies need to check how these deceptions systems are used and whether they are manually or automatically updated. The level of customization also plays a crucial role.

The Level of Interaction to Deceive Attackers

The deception solution only works if it is able to mislead attackers. Real-time operating systems and networks can be custom-made. Consider asking solution providers whether their systems create or use emulated decoys for the actual operating system. The capacity to play and understand an attacker increases as the level of interaction of deception resources used increases. Greater interaction gives the cyber criminals more real experience and offers security teams a better and detailed approach to analyse attacker activity. It also increases their ability to develop enhanced deception environments. Various technical parameters like ensuring that active decoy directory entries are consistent with the real Active Directory should be checked. Cyber deception is a detection method. It is less to useful detect attacks without the ability to respond effectively. This makes it compulsory to create robust, documented incident response processes in deception solutions.

Cyber Criminal Use Cases

If an intrusion is identified, the attackers can be enclosed and observed successfully with minimum or no danger to the true system. However, Deception technology allows security experts to gain insights from the behaviour of an attacker and denies them the opportunity to apply crime data to strengthen security systems. Based on cyber criminals’ activities vendors have created cybercriminal use cases. These use cases are used to improve deception solution.

Scalability and Automation

The technology of deception adds decoys and controls so that the problems can be detected. Scalability is the design and implementation of an authentic set of decoys in an extensive infrastructure. Once these Deceptive resources are installed, companies can manage and update them regularly to maintain realisticness. The processes of generating, deploying, and running deceptive solutions have been significantly simplified by machine learning. Thus vendors with scalable and automated deception solutions should be considered.

If there is a ransomware attack deceptive resources are attacked thus saving real resources from attack. This is a huge advantage over other security solutions. Sectors such as education, health care and government need assistance in their fight against ransomware. Deception technology is useful in the detection of movement and minimizes damage. 

Deception Technology – How it works?

Deception technology creates deceptive traps or decoys that mimic an organization’s technological assets like servers, databases, employee sessions, passwords etc. This makes it difficult for attackers to tell difference between real and fake. These decoys are capable of running in a real or virtual operating system environment.

How Deception Technology Works?

Deception technology detects perpetrators as they make their first move within an organization’s network by taking advantage of the fact that attackers have a predictable attack pattern after gaining access to a network: surveillance and exploitation. Attackers no longer have the luxury of moving freely within a network and returning to the same network several times, using the same exploits and resources each time. Instead, they’re being pushed to devote more money, time, and effort to their attack attempts, and they’re constantly worried that they’ll make a mistake. Deception in other words creates a hostile environment for attackers, one in which using malicious software or vulnerabilities on the wrong target means the attack is over since attackers are fingerprinted. Signatures and patterns of their attacks are created and circulated across the organization. Some methods used by deception technology are baiting, monitoring, fingerprinting and analyzing.

Understand Attacker’s Actions and Motivation

Every day attackers are developing new attacking strategies and tools. The usage of these new attacking technologies has forced security analyst teams of companies to extend their threat detection procedures from classic network attacks to web service applications and cloud security in order to address a wide range of attacking techniques. Understanding attackers’ strategies, on the other hand, does not prevent attacks, breaches, or harm. This information is used by deception planning security teams to increase the probability of triggering a deceptive “Trap”. This gathered information gives security teams an idea about the motive of attackers.

Deception Technology Vs Honeypots

When people hear the word “Deception Technology” common misunderstanding is ‘it’s like a honeypot’. Honeypots are a part of deception Technology. For example, Tokens are bits of information intended to be picked up by attackers accumulating information for the next movement. These are for the purpose of detection. These information pieces or elements aren’t part of the organization’s normal operations, so anyone who touches them is likely doing it maliciously.

AI-based Interactive Deception Technology

The artificial intelligence-based deception technology can help security teams to detect, monitor, learn and adapt to attackers’ techniques. The deception technology platform gathers immense information about attackers during an engagement by using high-interaction decoys based on real operating systems. This data is used to generate forensic reports and automate security response decreasing the time of response. With machine learning algorithms applied to these activities deception technology, becomes more accurate and intelligent.

Technology Integration

It’s also crucial to evaluate the effectiveness of existing security controls and technologies. Deception can easily integrate with existing security technologies or leverage their features like security reports. Deception technology can report to centralized detection solutions e.g., Security information and event management (SIEM) or Intrusion Detection System (IDS). They can also utilize the benefits of other technologies like firewalls. Deception technology is easy to deploy and can easily scale up as per the need of an organization.

Security teams of an organization must be correct 100 percent of the time, but if attackers are correct only once the cost is huge for an enterprise firm. It gives an idea of the problems security teams face. However, deception technology has changed the scenario, now to evade detection by deception technology attackers must be correct 100 percent of the time and security teams are empowered with each attack detection. The most crucial advantage an organization gets from Deception Technology is that it protects real resources and reduces the probability of security breach with the help of decoys resulting in huge cost saving.