Attack Dwell Time

The median attacker dwell time before detection is 11 days or 256 hours, according to data from Sophos. That’s time in which invaders are free to conduct malicious activity, such…
Ryuk Attack Anatomy

This report illustrates some of the new and existing Tactics, Techniques, and Procedures (TTPs) of the Ryuk ransomware variants. Initial Access: RDP Brute Force / Phishing. Initial access is based…
MITRE ATT&CK Approach

The MITRE ATT&CK framework offers a threat-informed approach to detection, mitigation and protection against malicious attacks. This framework includes a repository of adversary tactics, techniques and procedures (TTPs), using empirical…
Ransomware TTP

Some of the tactics, techniques and procedures being widely used by ransomware operators in their efforts that organizations should monitor: AdFind: This command-line Active Directory tool gets employed - like…

Qakbot 🐎 ->Prolock ☠️-> Egregor 👹

Group-IB discovered that QakBot (aka Qbot) operators have abandoned ProLock for Egregor ransomware. ProLock = Egregor. The analysis of attacks where Egregor has been deployed revealed that the TTPs used…

Torisma 🌀

A sophisticated cyber espionage campaign aimed at aerospace and defense sectors in Australia, Israel, Russia, and defense contractors based in Russia and India, which will install data gathering implants…