
‘Black Proxies’ Use 187,000-Plus IP Addresses to Launch Credential Stuffing Attacks
SOCs should monitor for unusual or unauthorized behavior using adversary playbooks from MITRE ATT&CK rather than relying on static IOCs.
News & Updates
Malicious ads are tough to defend against, so ensure the SOC has detections for suspicious or unauthorized behavior, such as privilege escalation and LotL tools.
2023 is likely to be the year executives, boards, and auditors demand better cyber reporting around their defensive posture and business risk.
The vulnerability does not provide attackers with access to your internal network, but it can halt business-critical operations such as taking orders.
According to CardinalOps, SIEMs miss detections for 80% of MITRE ATT&CK techniques, and only 25% ingest identity logs such as Active Directory and Okta.
New sub-technique is an important control for implementing zero-trust and appears in 3 separate tactics: Credential Access, Defense Evasion, and Persistence.
New T1556.006 sub-technique is used to bypass MFA. Control applies to platforms including Azure AD, Office 365, Windows, Linux, macOS, Google Workspace, SaaS.
According to industry analyst firm ESG, 89% of organizations are now using the MITRE ATT&CK framework to reduce risk for security operations use cases.
Issues don’t apply to Azure Active Directory environments that are not hybrid and don’t have on-premises AD servers, but could still affect many organizations.
They understand the adversary mindset: What is our attack surface? How are we likely to be attacked? How can we detect attacks in the early stages?
CISOs and SOC personnel take pride in being cyber defenders for their organizations and feel the pain of information overload and constantly being on call.
Why SOC modernization extends beyond technology alone, providing an opportunity to incorporate human creativity and innovation as a strategic force multiplier.