Cybersecurity

Mitre ATT&CK News

Explore the latest news articles and reports about the Mitre Attack Framework, a curated knowledge base that helps network defenders learn exactly how networks are attacked. Discover everything about it and its place in the world of cybersecurity.

Cybersecurity

Top news of the week: 21.04.2022.

Attack
Cloud computing
Animorphs
Attack!
Floating wind turbine
Computer network security

Mitre Attack

@DarkReading shared
On Apr 18, 2022
Lazarus Targets Chemical Sector With 'Dream Jobs,' Then Trojans https://t.co/bq29UcIuwP via @roblemos
Open
Lazarus Targets Chemical Sector With 'Dream Jobs,' Then Trojans

Lazarus Targets Chemical Sector With 'Dream Jobs,' Then Trojans

Chemical companies are the latest to be targeted by the well-known North Korean group, which has targeted financial firms, security researchers, and technology companies in the past.

@CrowdStrike shared
On Apr 19, 2022
We recently demonstrated the power of the Falcon platform and its integrated approach to providing robust protection by exposing all attack tactics used as part of the MITRE Engenuity ATT&CK Enterprise Evaluation released in April 2022. https://t.co/uVIoEVgDyG
Open
Security Doesn’t Stop at the First Alert: Falcon X Threat Intelligence Offers New Context in MITRE ATT&CK Evaluation

Security Doesn’t Stop at the First Alert: Falcon X Threat Intelligence Offers New Context in MITRE ATT&CK Evaluation

The CrowdStrike Falcon® exposes all attack tactics used as part of the MITRE Engenuity ATT&CK Enterprise Evaluation released in April 2022.

@DarkReading shared
On Apr 20, 2022
RT @otherjimdonahue: Because attackers often return, "the post-attack phase can serve as a valuable time to learn about the enemy — where they came from, which assets they spent the most time checking out." -Shmulik Yehezkel, @CyesecLtd @DarkReading https://t.co/FghocEaS9n
Open
From Passive Recovery to Active Readiness

From Passive Recovery to Active Readiness

This is the shift that companies need to make after a cyberattack.

@DarkReading shared
On Apr 20, 2022
Okta investigation found #Lapsus$ breach scope smaller than originally feared; vows to implement strong #cybersecurity requirements for third-party contractors, @roblemos reports. #infosec https://t.co/Yvqn0UC3gI
Open
Okta Wraps Up Lapsus$ Investigation, Pledges More Third-Party Controls

Okta Wraps Up Lapsus$ Investigation, Pledges More Third-Party Controls

Companies must enforce more security on their own third-party providers and retain the ability to conduct independent investigations, experts say.

@DarkReading shared
On Apr 20, 2022
More Than Half of Initial Infections in Cyberattacks Come Via Exploits, Supply Chain Compromises https://t.co/0oy6pF1YBN via @roblemos
Open
More Than Half of Initial Infections in Cyberattacks Come Via Exploits, Supply Chain Compromises

More Than Half of Initial Infections in Cyberattacks Come Via Exploits, Supply Chain Compromises

Mandiant data also shows a dramatic drop in attacker dwell time on victim networks in the Asia-Pacific region — to 21 days in 2021 from 76 days in 2020.

@PatrickCMiller shared
On Apr 19, 2022
Wind turbine firm Nordex hit by Conti ransomware attack https://t.co/fVBQs2UJcJ
Open
Wind turbine firm Nordex hit by Conti ransomware attack

Wind turbine firm Nordex hit by Conti ransomware attack

The Conti ransomware operation has claimed responsibility for a cyberattack on wind turbine giant Nordex, which was forced to shut down IT systems and remote access to the managed turbines ...

@CISecurity shared
On Apr 19, 2022
Asset visibility remains a problem in the wake of the COVID-19 pandemic. Fortunately, you can improve your asset visibility and reduce security incidents with the help of the CIS Critical Security Controls! #cybersecurity https://t.co/So3Yk35NFv https://t.co/ZYb8IluHJf
Open
First Steps to Overcoming a Lack of Asset Visibility

First Steps to Overcoming a Lack of Asset Visibility

Asset visibility requires understanding which types of devices exist in your environments and what they mean to your security program.

@MITREcorp shared
On Apr 19, 2022
New purple teaming resources including threat hunting & adversary emulation training & credentials & version 2.0 of the MITRE ATT&CK Defender platform, now with a cyber range supported by @cyberranges, can empower threat-informed defenders. @MITREengenuity https://t.co/MTIH3f07LN
Open
MITRE Engenuity Launches New MITRE ATT&CK Defender™ Purple Teaming Initiatives and Cyber Range

MITRE Engenuity Launches New MITRE ATT&CK Defender™ Purple Teaming Initiatives and Cyber Range

(April 19, 2022) — MITRE Engenuity, MITRE’s tech foundation for public good, announced that MITRE ATT&CK DefenderTM (MAD), the cybersecurity community’s MITRE ATT&CK® training and …

Read more: Mitre Attack
weekly 21.04.2022
View archives
Back to home

Subscribe to Cybersecurity - Mitre ATT&CK.

Avoid an information overload and get the most trusted industry news hand-picked by the top Experts. Sign up for the weekly Cybersecurity - Mitre ATT&CK.
Privacy Policy

Sign up for the weekly Cybersecurity - Mitre ATT&CK newsletter

Never again miss anything or anyone that matter in Cybersecurity

Sign up and receive the Cybersecurity - Mitre ATT&CK weekly email newsletter directly to your inbox. Make more informed business decisions based on insight for the most trusted industry experts, faster.
Privacy Policy