Top news of the week: 19.06.2020.

#cybercrime #ransomware #Lazarus #malware #incidentresponse #DarkWeb #dissident #censorship #legal #Ryuk

Mitre Attack

On Jun 18, 2020
@strandjs shared
RT @mattifestation: Atomic Red Team now supports @MITREattack sub-techniques! Check out @OrOneEqualsOne's PR for context but tl;dr, there were no structural changes but many tests have been moved accordingly. https://t.co/DmCtFz1SFi TY Carrie, your teammates, and @M_haggis for the hard work!

Convert to Mitre ATT&CK sub-technique schema

These changes support the new Mitre ATT&CK sub-technique schema here: https://attack.mitre.org/beta/ The beta version of Mitre ATT&CK is expected to become the official release next ...

On Jun 18, 2020
@PatrickCMiller shared
Ransomware from Your Lawyer's Perspective https://t.co/ciTfINpgO5

Ransomware from Your Lawyer's Perspective

Three good reasons why your incident response team's first call after a data breach should be to outside counsel.

On Jun 17, 2020
@PatrickCMiller shared
The Bright Side of the Dark Web https://t.co/rNnxqGfXo8

The Bright Side of the Dark Web

As the hitmen and fraudsters retreat, the Dark Web could become freedom's most important ally.

On Jun 17, 2020
@bry_campbell shared
RT @ESET: [email protected] has discovered an operation, with a possible link to the infamous #Lazarus group, that targeted aerospace and military companies with LinkedIn-based #spearphishing and custom, multistage #malware. ➡️ https://t.co/R2WYAtNEJG https://t.co/gJutHkahhZ

Operation In(ter)ception: Aerospace and military companies in the crosshairs of cyberspies

ESET research uncovers attacks against several high-profile aerospace and military companies in Europe and the Middle East, with several hints suggesting a possible link to the Lazarus ...

On Jun 18, 2020
@PatrickCMiller shared
Ryuk Continues to Dominate Ransomware Response Cases https://t.co/pQb6D5NMtV

Ryuk Continues to Dominate Ransomware Response Cases

Analysis reveals how Ryuk's operators are changing their techniques and using new means to break in.

On Jun 13, 2020
@marcusjcarey shared
RT @hacks4pancakes: We have an open req for a Senior / Principal level ICS incident responder at @DragosInc. FT remote, 50% NA travel (limited during COVID), industrial systems background a big plus. https://t.co/MKsPK6ENXG

Principal Industrial Incident Responder

Our mission at Dragos is to protect the world’s most critical infrastructure from adversaries who wish to do it harm. We help defend industrial organizations that provide us with the tenets ...

On Jun 19, 2020
@likethecoins shared
RT @AusCERT: Further to this session by the PM this morning, we wanted to share this advisory from the ACSC (@CyberGovAU) team here: https://t.co/o7F1nXfPYB https://t.co/MrNHKNnHLG

Advisory 2020-008: Copy-paste compromises - tactics, techniques and procedures used to target multiple Australian networks

This advisory details the tactics, techniques and procedures (TTPs) identified during the ACSC investigation of a cyber campaign targeting Australian networks. These TTPs are captured in ...

On Jun 17, 2020
@PatrickCMiller shared
TroyStealer – A new info stealer targeting Portuguese Internet users https://t.co/Ryun7b2iwX

TroyStealer – A new info stealer targeting Portuguese Internet users

One of the most recent threats is the info stealer TroyStealer, first shared by Abuse.ch on Twitter, and targeting Portuguese users. The world of cybercrime is changing, and more and more ...