ATT&CK
Malicious Life Podcast: Inside the MITRE ATT&CK Framework
In some ways, cybersecurity is like art, but that’s not a good thing… The MITRE ATT&CK framework aims to make sense of the collective knowledge of the security community and share that ...
Ukrainian Police Nab Six Tied to CLOP Ransomware
Authorities in Ukraine this week charged six people alleged to have been part of the CLOP ransomware group, a cybercriminal gang said to have extorted more than half a billion dollars from victims ...
5 Things to Do with MITRE ATT&CK – Tips and Tricks Special
MITRE ATT&CK stands for MITRE Adversarial Tactics, Techniques and Common Knowledge. It’s a curated knowledge base of adversarial behavior based on real-world observation of APT campaigns. The original impetus for the project ...
DARK COMMERCE: parallel economy provides easy on-ramp for would-be cybercriminals
The cybercriminal industry is evolving, with a growing shadow economy that trades goods and services in much the same way as the legitimate cybersecurity sector. Today we publish a new report and ...
The MITRE ATT&CK Framework: Impact
Not all attackers are trying to exfiltrate data. In security, we’re all familiar with CIA triad—confidentiality, availability, and integrity. While Exfiltration describes adversarial behavior with the goal of violating confidentiality, attackers may ...
TOP 5 ATT&CK techniques used by Threat Actors tied to Iran
On the 3rd of January 2020, the Iranian Major General Qasem Soleimani was killed in a US drone strike ordered by President Donald Trump at Baghdad International Airport. Since then, popular demonstrations ...
ATT&CK Structure Part II: From Taxonomy to Ontology
In Part I, I described some structural problems in MITRE’s ATT&CK adversarial behavior framework. We looked at a couple of examples of techniques that vary greatly in terms of abstraction as well ...
Cryptojacking: An Unwanted Guest
We analyse a cryptojacking attack that mines the Monero cryptocurrency. The value of Monero in US dollars has more than doubled over the first half of 2019, from $46 to $98. The ...
Deriving value from the MITRE ATT&CK Threat Model
The MITRE ATT&CK knowledge base continues to gain traction as the defacto source for supporting business threat assessing, developing proactive cybersecurity and cyber resilience strategies. ATT&CK provides a defined understanding of the ...
Fine-Tuning Cybersecurity with the ATT&CK Framework
This Thursday, March 7, 2019, I’ll be facilitating a Learning Lab titled Fine Tuning Your Cyber-Defense Technologies with the ATT&CK Framework at the 2019 RSA Conference in San Francisco, CA. This will ...