Adaptable ‘Swiss Army Knife’ Malware a Growing Threat
Multipurpose malware is more effective because it can execute multiple stages of the MITRE ATT&CK kill chain.
Wiper malware has been used against Ukraine since 2015 by adversary groups like Sandworm. An updated version was used as Russia invaded in February 2022.
Gaining more detections at all security layers — endpoint, network, email, IAM, cloud, etc. — and moving to the cloud are the key lessons from the past year.
Ukraine has significantly boosted its continuous security monitoring capabilities so they can quickly detect and respond before attacks can have major impact.
CISOs and security operations teams attempting to protect enterprise networks, data and assets face growing complexity. Automation and MITRE ATT&CK can help.
Cloud changes everything — including how we do threat detection and response. Securing the cloud requires entirely new data sources to be ingested by the SIEM.
35% of organizations have a shortage of security engineers. Vendors like CardinalOps can bridge the detection engineering gap with automation and MITRE ATT&CK.
Initial access via malicious LNK files is a clever technique that’s been used for years, including in the Stuxnet attacks first uncovered in 2010.
Leadership will be asking CISOs to report on their defensive posture using metrics based on industry-standard frameworks such as MITRE ATT&CK.
Automation will move into areas of Security Operations that are still dependent on manual processes, such as exposure management and detection engineering.
Prioritize security investments that support the business, such as cloud initiatives. Invest in people and human creativity to defend against adversaries.
SOCs should monitor for unusual or unauthorized behavior using adversary playbooks from MITRE ATT&CK rather than relying on static IOCs.