Cybersecurity in Business

Fortune 500s perform legal hack-back inside their networks with Cymmetria’s help

While hackback is almost a taboo in our industry, we had two Fortune 500 customers ask about hackback within a few days of each other. It was surprising to say the least. Today, as a result of these and other inquiries, we’re launching a new product for legal hackback, Cymmetria MazeHunter. We are also releasing …

Fortune 500s perform legal hack-back inside their networks with Cymmetria’s help Read More »

A legal and operational framework for hacking-back

1. Introduction When you talk to people in the cybersecurity industry, you’ll hear that incident response is often associated with “good guy” actions you take to means “good guy” actions that you take to stop the “bad guys” from stealing your stuff, whereas “hack-back” is the equivalent of identifying a person who robbed you, following …

A legal and operational framework for hacking-back Read More »

Responder.py detection across an entire enterprise's infrastructure, using MazeRunner

Since our last blog post about MazeRunner’s Responder Monitor, we have improved it based on feedback from the field, and then deployed it at customer sites—most notably across the entire network of a Fortune 500 customer. In the now infamous attack against Hacking Team, in what turned out to be one of the best guides ever written …

Responder.py detection across an entire enterprise's infrastructure, using MazeRunner Read More »

Should the U.S. intelligence community help U.S. companies?

If you haven’t been living under a rock, you know that many countries’ intelligence and military agencies spy on U.S. companies, stealing their intellectual property (IP) to help their own nations’ companies and their own economies. Probably billions of dollars worth of U.S. research and development is compromised and stolen every year from the U.S. …

Should the U.S. intelligence community help U.S. companies? Read More »

APT Report: How we caught Patchwork with Cyber Deception

Patchwork is a targeted threat that was disclosed by Cymmetria’s research team last Thursday. Patchwork has affected about 2,500 targets worldwide since December 2015. The threat actor shows a high interest in Southeast Asia, targeting individuals employed by governments and government-related organizations, specifically those dealing with political and military aspects relating to the region. While …

APT Report: How we caught Patchwork with Cyber Deception Read More »

Where does cybersecurity fit within your organization?

Where within your organization does the cybersecurity function fall, and to whom do they report – the CEO, CIO, CTO, or Security Office? I have recommended for over 25 years that the cybersecurity function is a security responsibility, not a technical responsibility. Most cybersecurity professionals I’ve talked to over the years report to the CIO. I personally …

Where does cybersecurity fit within your organization? Read More »

Scroll to Top