Top news of the week: 19.06.2020.
#cybercrime #ransomware #Lazarus #malware #incidentresponse #DarkWeb #dissident #censorship #legal #Ryuk
Mitre Attack
RT @mattifestation: Atomic Red Team now support @MITREattack sub-techniques! Check out @OrOneEqualsOne's PR for context but tl;dr, there were no structural changes but many tests have been moved accordingly. https://t.co/DmCtFz1SFi TY Carrie, your teammates, and @M_haggis for the hard work!
OpenConvert to Mitre ATT&CK sub-technique schema
These changes support the new Mitre ATT&CK sub-technique schema here: https://attack.mitre.org/beta/ The beta version of Mitre ATT&CK is expected to become the official release next ...
Ransomware from Your Lawyer's Perspective
Three good reasons why your incident response team's first call after a data breach should be to outside counsel.
The Bright Side of the Dark Web
As the hitmen and fraudsters retreat, the Dark Web could become freedom's most important ally.
RT @ESET: .@ESETresearch has discovered an operation, with a possible link to the infamous #Lazarus group, that targeted aerospace and military companies with Linkedin-based #spearphishing and custom, multistage #malware. ➡️ https://t.co/R2WYAtNEJG https://t.co/gJutHkahhZ
OpenOperation In(ter)ception: Aerospace and military companies in the crosshairs of cyberspies
ESET research uncovers attacks against several high-profile aerospace and military companies in Europe and the Middle East, with several hints suggesting a possible link to the Lazarus ...
Ryuk Continues to Dominate Ransomware Response Cases
Analysis reveals how Ryuk's operators are changing their techniques and using new means to break in.
RT @hacks4pancakes: We have an open req for a Senior / Principal level ICS incident responder at @DragosInc. FT remote, 50% NA travel (limited during COVID), industrial systems background a big plus. https://t.co/MKsPK6ENXG
OpenPrincipal Industrial Incident Responder
Our mission at Dragos is to protect the world’s most critical infrastructure from adversaries who wish to do it harm. We help defend industrial organizations that provide us with the tenets ...
RT @AusCERT: Further to this session by the PM this morning, we wanted to share this advisory from the ACSC (@CyberGovAU) team here: https://t.co/o7F1nXfPYB https://t.co/MrNHKNnHLG
OpenAdvisory 2020-008: Copy-paste compromises - tactics, techniques and procedures used to target multiple Australian networks
This advisory details the tactics, techniques and procedures (TTPs) identified during the ACSC investigation of a cyber campaign targeting Australian networks. These TTPs are captured in ...
TroyStealer – A new info stealer targeting Portuguese Internet users
One of the most recent threats is the info stealer TroyStealer, first shared by Abuse.ch on Twitter, and targeting Portuguese users. The world of cybercrime is changing, and more and more ...