The MITRE ATT&CK framework is one of the most commonly used resources within the SafeBreach platform. At SafeBreach’s 2023 Validate Summit—an event that brings security experts together to discuss challenges and best practices in proactive cybersecurity—SafeBreach Co-Founder and CTO Itzik Kotler sat down with Frank Duff, the Chief Innovation Officer at Tidal Cyber, to discuss threat informed defense and MITRE ATT&CK.

Read also: Ex-Navy IT manager sentenced to 5 years in prison for hacking, tech CEO gets a five-year sentence for IP addresses fraud, and more.

SOC Analyst Appreciation (SAAD) Day 2023 has come and gone. With great speakers and great sessions, it was a can’t-miss event for SOC analysts and anyone else looking to better appreciate their SOCs and see what’s on the horizon for cybersecurity. But hey, we realize that despite your best efforts, some SOC teams and leaders couldn’t make it the day of.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. That is a bit unfortunate…

Imagine you have a perfectly working Kubernetes cluster, and when everything seems on course, you get an “ImagePullBackOff” error. Although this is a popular issue in Kubernetes, understanding and troubleshooting the root cause can be a real headache. Kubernetes is an open-source container orchestration platform originally developed by Google.

CrowdStrike has been named a Leader in The Forrester Wave™: Endpoint Security, Q4 2023, the latest recognition in a string of accolades for our market-leading cybersecurity solutions delivered from the unified, AI-native CrowdStrike Falcon® platform. In the report, Forrester identified the 13 most significant endpoint security providers and researched, analyzed and scored them based on 25 criteria. Our highlights include.

October 18, 2023, the Cybersecurity Infrastructure and Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide, Phishing Guidance: Stopping the Attack Cycle at Phase One.

Researchers at Fortra are tracking “Strox,” one of the most popular phishing operations of the past two years. Users of Strox phishing kits can easily create phishing campaigns by simply submitting a logo for the brand they want to impersonate. “Currently, twelve phishing kits are sold on Strox for $90 USD each.

We rarely find ourselves without access to the Internet, thanks to the increased number of public Wi-Fi networks or hotspots wherever we go. From our local coffee shops, libraries, or shopping centers, connecting to the web is easier than ever. But is it more secure? Since 2019, the rise of remote workers and digital nomads means we are more reliant on public Wi-Fi to get our jobs done and to carry out our daily tasks, from online shopping, to emails and video conferences.

In the brisk air of early autumn, optimism fills our hearts as we celebrate the 20th anniversary of Cybersecurity Awareness Month, an annual event dedicated to fostering a deeper understanding of cybersecurity and inspiring behavior change. Two decades ago, the prevailing belief among security professionals was that raising awareness alone could lead to secure online behaviors. But in 2023, we've learned that hope is not a strategy.