HackDig : Dig high-quality web security articles for hackers

The MITRE ATT&CK Framework: Exfiltration

Once an attacker has established access and pivoted around to the point of gathering the necessary data, they will work on exfiltration of that data. Not all malware will reach this stage.Ransomware, for example, usually has no interest in exfiltrating data. As with the Collection tactic, there’s little guidance on how to mitigate an attacker exfiltrating da
Publish At:2020-05-27 05:35 | Read:93 | Comments:0 | Tags:Featured Articles MITRE Framework ATT&CK exfiltration MITRE

The MITRE ATT&CK Framework: Lateral Movement

It will be rare that an attacker exploits a single system and does not attempt any lateral movement within the network. Even ransomware that typically targets a single system at a time has attempted to spread across the network looking for other victims. More often than not, an attacker will gain an initial foothold and start to pivot across systems looking
Publish At:2020-05-24 10:02 | Read:71 | Comments:0 | Tags:Featured Articles MITRE Framework ATT&CK Lateral Movement MI

The MITRE ATT&CK Framework: Collection

The Collection tactic outlines techniques an attacker will undertake in order to find and gather the data they need to meet their actions on objectives.I see most of these techniques as being useful for describing what a piece of malware or threat actor is up to rather than looking to them for guidance on how to mitigate and detect their actions.Mitigation a
Publish At:2020-05-24 09:52 | Read:112 | Comments:0 | Tags:Featured Articles MITRE Framework ATT&CK collection MITRE

The MITRE ATT&CK Framework: Credential Access

There’s no doubt about it, attackers want your credentials more than anything, especially administrative credentials. Why burn a zero-day or risk noisy exploits when you can just log in instead? If you were to break into a house, would you rather throw a brick through a window or use a key to the front door?As attackers get in and want to maintain a level of
Publish At:2020-05-03 08:04 | Read:332 | Comments:0 | Tags:MITRE Framework ATT&CK Framework cis controls security

The MITRE ATT&CK Framework: Privilege Escalation

Anyone who has had any experience on the offensive side of security has had fun with privilege escalation. There’s something exciting about exploiting a system to the point of getting root-level access. Since I have spent most of my time on the defensive side of the fence, the magic of escalating privileges rested in Exploiting for Privilege Escalation or st
Publish At:2020-04-16 06:55 | Read:643 | Comments:0 | Tags:Featured Articles MITRE Framework ATT&CK log privilege escal

The MITRE ATT&CK Framework: Persistence

When I first started researching ATT&CK last year, Persistence was the tactic which made me fall in love.Even though I have been in the industry for some time, I learned more from digging into the various techniques here than any other tactic. While I knew about fun tricks like replacing sethc.exe with cmd.exe and hitting the shift key a bunch of times f
Publish At:2020-04-09 05:01 | Read:590 | Comments:0 | Tags:Featured Articles MITRE Framework ATT&CK malware persistence

The MITRE ATT&CK Framework: Execution

Of all the tactics that an adversary will take on in their campaign, none will be more widely abused than, Execution (https://attack.mitre.org/wiki/Execution). When taking into consideration off-the-shelf malware, traditional ransomware, or state of the art advanced persistent threat actors, all of them have execution in common. There’s a great quote from Al
Publish At:2020-03-31 08:17 | Read:430 | Comments:0 | Tags:Featured Articles MITRE Framework ATT&CK execution malware r

The MITRE ATT&CK Framework: Initial Access

Although ATT&CK is not laid out in any linear order, Initial Access will be the point at which an attacker gains a foothold in your environment. This tactic is a nice transition point from PRE-ATT&CK to ATT&CK for Enterprise. What is different about the techniques within Initial Access is that they are more high-level than some of the other techn
Publish At:2020-03-23 06:49 | Read:582 | Comments:0 | Tags:Featured Articles MITRE Framework cis controls PowerShell sp

MITRE Releases an Update to The Common Weakness Enumeration (CWE)

MITRE has been doing exceptional work in advancing cybersecurity as a public good, and it is an excellent resource for security professionals. Possibly best known for their ATT&CK Framework, a rich source of adversarial tactics and techniques and their mitigations, MITRE is also known for another resource: the Common Weakness Enumeration (CWE). The CWE i
Publish At:2020-03-12 01:29 | Read:299 | Comments:0 | Tags:MITRE Framework CWE MITRE

Podcast Episode 3: How the MITRE ATT&CK Framework Can Improve Your Defenses

Listen and subscribe to our new podcast! Tripwire’s cybersecurity podcast features 20-minute conversations with the people who protect people from cyber threats. Hosted by Tripwire’s VP of Product Management and Strategy, Tim Erlin, each episode brings on a new guest to explore the evolving threat landscape, technology trends, and cybersecurity best practice
Publish At:2020-03-03 09:30 | Read:403 | Comments:0 | Tags:MITRE Framework Podcast MITRE

The MITRE ATT&CK Framework: Impact

Not all attackers are trying to exfiltrate data. In security, we’re all familiar with CIA triad—confidentiality, availability, and integrity. While Exfiltration describes adversarial behavior with the goal of violating confidentiality, attackers may look to manipulate, interrupt, or destroy your systems and data. The Impact tactic describes techniques that a
Publish At:2020-02-25 00:38 | Read:534 | Comments:0 | Tags:Featured Articles MITRE Framework ATT&CK Impact MITRE

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud