This weeks' briefing covers: Dive deeper.

This weeks' briefing covers.

This weeks' briefing covers.

Bharath Kashyap helped create a lightweight, programmatic approach to performing a maturity assessment using free MITRE tools (like ATT&CK framework, D3FEND, and MITRE Centre for Threat Informed Defense (CTID)) to provide a starting point for you to understand your organization’s coverage against the framework, identify areas for improvement and prioritize them for implementation. In this video, Bharath walks through a few ways to make the assessment tool work for your organization.

This weeks' briefing covers.

Throughout Q2 and Q3 2023, we observed an increased use of the malicious “SYSTEMBC” tool to maintain access in a compromised network. In this video, Kroll Threat Intelligence expert, Dave Truman, provides an initial walkthrough of our research into SYSTEMBC, focusing in its C2 server.

This weeks' briefing covers: Dive deeper: Additional Resources: July 11 2023 Cyber Threat Intelligence Briefing: July 10 2023 Cyber Threat Intelligence Briefing.

Kroll actively tracks malware command and control infrastructure, submissions to public sandboxes and active incident response (IR) and managed detection and response (MDR) case data to generate lists of the most active malware strains for comparison.

“In Q3, we did see an uptick in incidents impacting the manufacturing and construction sector largely led by business email compromise (BEC) or email compromise attacks. One of the reasons for this uptick in BEC attacks has to do with the reliance on third parties and suppliers.” – Laurie Iacono.

“From using QR codes in emails to sharing links via Microsoft Teams, threat actors are evolving their methodology to manipulate humans to click on the bait. This is not phishing through email; it's phishing through an instant messaging platform.” – Laurie Iacono.