The highly anticipated structural update to the MITRE ATT&CK framework was released July 8th, 2020. After a quiet first half of the year, it appears the ATT&CK team has been putting in lots of work into some significant redesign of the framework’s structure. This update introduces a new layer of abstraction: sub-techniques.

Things just got serious. Business Email Compromise is no longer solely the province of chancers and opportunistic Nigerian actors such as the Yahoo Boys. Organised criminal gangs with a high level of professionalism have seen the opportunity and seized it. Security researchers at Agari have published a report detailing their investigations into a Russian cybercrime gang they say have stolen millions of dollars from companies in 46 countries since mid-2019.

Controls management and assessments are critical for properly managing a complete information security program. Similarly, evidence collection, management, and approval is vital for proper control based security governance programs in any organization.

This post continues this two-part blog series on further understanding the differences between macOS and Windows on the system level for effective endpoint security analysis. In Part 1, we covered process events. Here in Part 2, we’ll discuss file and network events. As with Part 1, my hope is to help cybersecurity professionals expand and enrich their experiences on a less familiar platform, ultimately helping them to be better prepared to face differences from past experiences.

Indeed, with millions of employees now working from remote locations and new services being rolled out to support them, the traditional security perimeter has vanished before our eyes. This has created a significant challenge for the security teams tasked with defending their organisations against threats – a challenge made even harder when the tactics and techniques of cybercriminals are constantly evolving.

The Payment Card Industry Data Security Standards (PCI DSS) defines the framework for protecting cardholder data. The framework was developed by the Payment Card Industry Security Standards Council (PCI SSC) and enables organizations to assess how well they are protecting cardholder data, training staff, and conducting PCI DSS audits. PCI compliance and accepting credit cards go hand in hand.

Distributed denial of service (DDoS) is a broad class of cyberattack that disrupts online services and resources by overwhelming them with traffic. This renders the targeted online service unusable for the duration of the DDoS attack. The hallmark of DDoS attacks is the distributed nature of the malicious traffic, which typically originates from a botnet—a criminally-controlled network of compromised machines spread around the globe.

This blog was written by a third party author Zero Trust is a cybersecurity model with a tenet that any endpoint connecting to a network should not be trusted by default. With Zero Trust, everything and everyone— including users, devices, endpoints —must be properly verified before access to the network is allowed.

As companies shift more focus to combatting the recent epidemic in ransomware attacks, they are faced with choices on how to best deploy defenses to counter new attacker tactics and stay ahead of the threat.