MITRE ATT&CK version 14
I. Introduction: Importance of staying updated with frameworks like MITRE ATT&CK In the realm of offensive security, staying updated with
Read more
Threat
MITRE ATT&CK version 13
MITRE ATT&CK version 13 has been recently launched, bringing some significant updates. These include: ATT&CK version 13 for Enterprise includes
Read more
ATT&CK v12 is now accessible! Revisions – October 2022
Updates to Techniques, Groups, and Software for Enterprise, Mobile, and ICS are included in the October 2022 (v12) ATT&CK release.
Read more
Micro Emulation Plans by MITRE-Engenuity
We enjoy imitating the opposition. In fact, it’s so important that they’ve written, spoken, trained on it, and are still developing and disseminating more emulation plans (including one of the first public Adversary Emulation Plans). However, many organisations are unable to overcome the entry barrier due to the expense and complexity involved in developing or even carrying out the majority of adversary emulation plans. The Center for Threat-Informed Defense (Center) collaborated with AttackIQ, Inc., Booz Allen Hamilton, Inc., Citigroup Technology, Inc., Ernst & Young U.S. LLP, Fujitsu, HCA — Information Technology & Services, Inc., IBM Corporation, Microsoft Corporation, and Verizon Business Services to create Micro Emulation Plans in an effort to make adversary emulation accessible to a wider audience. By using simple to use executable binaries that any user can use, these emulation plans re-imagine
Read more
Organizations in Poland and Ukraine are affected by the new “Prestige” ransomware.
The Microsoft Threat Intelligence Center (MSTIC) has found evidence of a novel ransomware campaign using a hitherto unidentified ransomware payload
Read more
MITRE ATT&CK® Released Updates in Apr 2022 With Additional Techniques and Structuring
The Techniques, Groups, and Software for Enterprise, Mobile, and ICS are updated in the April 2022 (v11) ATT&CK release. The
Read more
The Microsoft Threat Modeling Tool (TMT)
A crucial component of the Microsoft Security Development Lifecycle is the Threat Modeling Tool (SDL). Early detection and mitigation of
Read more
Threat Modeling: Choosing the Right Method for Your Business
Why Threat Modeling Is Important and What It IsIdentifying and evaluating threats that an attacker (threat) could exploit is done
Read more
IriusRisk Threat Modeling for Security and Development Teams
Threat modelling: what is it?Basics of Threat Modeling Threat modeling’s fundamental tenet is the identification, disclosure, and management of security
Read more
The Azure Threat Research Matrix is explained
It’s typical for the assessment team to cite the MITRE ATT&CK knowledge base when conducting an offensive security assessment so
Read more