Cybersecurity Essentials

Mitre ATT&CK

The cybersecurity market already tops $100 billion per year and will reach $300 billion by 2024. With that kind of money at stake, this market is one of the hottest areas for IT innovation.

Top news of the week: 21.10.2021.

Mitre Attack

@PatrickCMiller shared
On Oct 21, 2021
RT @LitMoose: Humbled and honored that my company asked me to represent our IR team in talking about my path and experience in the industry, along with three other incredible people from different focus areas. If you're new to infosec, I hope this helps bolster you. https://t.co/3WL85hlt99
Many Paths, One Goal: Forging a Career in Cybersecurity

We asked four of CrowdStrike’s finest analysts and threat hunters to share their experiences in cybersecurity and their thoughts on the industry's evolution.

@markrussinovich shared
On Oct 18, 2021
RT @olafhartong: We get a lot of questions about whether #Sysmon still makes sense when you have an EDR like #MDE, so I wrote a blog about it :) https://t.co/ZwB3v8pLq6 #dfir #detectionengineering
Sysmon vs Microsoft Defender for Endpoint, MDE Internals 0x01

It is not a big secret that we at FalconForce work a lot with, and are big fans of, both Microsoft Defender for Endpoint (MDE) and…

@ItsReallyNick shared
On Oct 21, 2021
RT @TimbMsft: Awesome to get 🔥 Sysmon-level visibility into Windows PEs in @virustotal 🔥 happy hunting! And share your resulting detection queries with the community in the public https://t.co/XdZ9Hohq7J and #AzureSentinel https://t.co/BsnZhHwvDq repos! https://t.co/KPUpBcBSLk
New Microsoft Sysmon report in VirusTotal improves security

Today, following the 25th year anniversary of Microsoft Sysinternals, we are announcing the general availability of a new Microsoft Sysmon report in VirusTotal. Whether you’re an IT ...

@Cyb3rWard0g shared
On Oct 18, 2021
RT @russmcsec: If you've been wondering how #Sysmon for Linux can help you find MITRE ATT&CK techniques, I've got just the blog for you. I walk through a common technique and show what Sysmon events you can use to find it. #Linux #DFIR @MITREattack https://t.co/rAqIS5SL5e
MITRE ATT&CK technique coverage with Sysmon for Linux

Thanks to Kevin Sheldrake, Roberto Rodriguez, Jessen Kurien and Ofer Shezaf for making this blog possible. For many years, people have been using Sysmon on their Windows systems to gain ...

@DarkReading shared
On Oct 19, 2021
The number of ransomware attacks has increased drastically, with organizations of all stripes affected. What's even more concerning is attacks are evolving rapidly to add new capabilities. How to defend against something unpredictable? Experts point to AI: https://t.co/sZaRMOn01C
How AI Can Stop Zero-Day Ransomware

Ransomware attacks are unpredictable. AI is better at figuring out what looks malicious and abnormal than humans will ever be.

@bry_campbell shared
On Oct 18, 2021
RT @TheDFIRReport: IcedID to XingLocker Ransomware in 24 hours ➡️Initial Access: IcedID ➡️Persistence: Scheduled Tasks ➡️Discovery: net, wmic, AdFind, BloodHound, PowerView, etc. ➡️C2: #CobaltStrike ➡️Defense Evasion: Process Hollowing & Disabling Security Tools https://t.co/TCECZHEAhP 1/5 https://t.co/afZOtE8N3s
IcedID to XingLocker Ransomware in 24 hours

In this intrusion, we observed the threat actors use multiple DLL Beacons that would call out to different Cobalt Strike C2 channels. The threat actors used batch scripts during the ...

@PatrickCMiller shared
On Oct 19, 2021
'Clumsy' BlackByte Malware Reuses Crypto Keys, Worms Into Networks https://t.co/gKalnIT0sY
'Clumsy' BlackByte Malware Reuses Crypto Keys, Worms Into Networks

Discovered during a recent incident response engagement, the malware avoids Russian computers and uses a single symmetric key for encrypting every compromised system.

@DarkReading shared
On Oct 19, 2021
Loss Prevention Teams Up With Cybersecurity to Address Retail Fraud https://t.co/2H7L8RPuzq by Tatiana Walk-Morris (@Tati_WM) #cybersecurity #retail #fraud
Loss Prevention Teams Up With Cybersecurity to Address Retail Fraud

As retailers roll out more "buy online, pickup in-store" options, loss prevention professionals are increasingly shifting their attention from in-store theft to e-commerce fraud.