Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressive

A malware tactic dubbed ‘hunter-killer’ is growing, based on an analysis of more than 600,000 malware samples. This may become the standard approach for advanced attacks.
The post Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressiv… Continue reading Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressive

Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressive

A malware tactic dubbed ‘hunter-killer’ is growing, based on an analysis of more than 600,000 malware samples. This may become the standard approach for advanced attacks.
The post Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressiv… Continue reading Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressive

EMB3D Threat Model: Understand threats to embedded devices in critical infrastructure

Critical infrastructure depends on embedded devices across industries such as oil and natural gas, electric, water management, automotive, medical, satellite, autonomous systems, and unmanned aircraft systems. However, these devices often lack proper s… Continue reading EMB3D Threat Model: Understand threats to embedded devices in critical infrastructure

MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure

MITRE and partners unveil EMB3D, a new threat model designed for critical infrastructure embedded devices.
The post MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure appeared first on SecurityWeek.
Continue reading MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure

Modeling organizations’ defensive mechanisms with MITRE D3FEND

Funded by the National Security Agency, MITRE’s D3FEND framework is helping to provide standardization, specificity, and repeatability needed by cybersecurity engineers. As the framework moves from the beta version to version 1.0 in 2024, we asked D3FE… Continue reading Modeling organizations’ defensive mechanisms with MITRE D3FEND

MITRE partners with Microsoft to address generative AI security risks

MITRE and Microsoft have added a data-driven generative AI focus to MITRE ATLAS, a community knowledge base that security professionals, AI developers, and AI operators can use as they protect AI-enabled systems. This new framework update and associate… Continue reading MITRE partners with Microsoft to address generative AI security risks

MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros

MITRE ATT&CK, a common language for cybersecurity professionals to communicate with each other and better understand real-world adversary behaviors, celebrates its 10th anniversary this fall. In this Help Net Security interview, project leader Ada… Continue reading MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros

Proof of concept: Services File Permissions Weakness (T1574.010)

I am trying to do a proof of concept where I use technique T1574.010. In this technique, I should rewrite the binpath of some service in Windows 10 so that when the service starts again the payload that I want is executed, which in this ca… Continue reading Proof of concept: Services File Permissions Weakness (T1574.010)