Interesting idea - Using AWS Access Keys for deception

Nice post on  Early Warning Detectors Using AWS Access Keys as Honeytokens

 

Folks continue to get creative about deceptive tricks against attackers.

 

Paper on fooling malware that they're not in a sandbox

Very interesting paper

From Patches to Honey-Patches: Lightweight Attacker Misdirection, Deception, and Disinformation


My first take is that if malware is becoming virtual sandbox aware, can we fake visualization on our physical hosts so the malware goes away?

Dallas News: Cybersecurity experts say traps might be more effective against hackers than firewalls

http://www.dallasnews.com/news/local-news/20150210-cybersecurity-experts-say-traps-might-be-more-effective-against-hackers-than-firewalls.ece

Bankers using honey data to smoke out fraudsters

From The Economist: Hacking back, Bankers go undercover to catch bad guys

Honeywords: Making Password-Cracking Detectable

http://people.csail.mit.edu/rivest/pubs.html#JR13

Article from Forbes on deceptive defenses

A Different Approach To Foiling Hackers? Let Them In, Then Lie To Them.

Good ideas on booby traps from an old talk by MJR

Recently I was re-reading some of Marcus Ranum's old stuff (hint: it's still relevant and prescient) and came across:

"Tutorial notes for a briefing on the IDS approach of using policy-centric detectors (AKA "production honeypots")"

 It's got awesome great ideas on setting up improvised deceptive traps for attackers.