
Threat Hunting Case Study: FileFix
FileFix bypasses Mark of the Web (MotW) protections by hijacking the Windows File Explorer address bar. Here is how to hunt for it.

Over the last decade, the MITRE Corporation has grown its ATT&CK framework, a knowledge base of adversary behaviors that can help defenders in a variety of ways. MITRE has traditionally focused on Advanced Persistent Threat (APT) groups but has been increasingly incorporating techniques and sub-techniques into ATT&CK that are used by cybercriminal groups. In this Studio 471, Patrick Howell O’Neill, Lead Cyber Operations Analyst at MITRE, discusses these changes and why ATT&CK is useful to security professionals.
Participants:
Patrick Howell O’Neill, Lead Cyber Operations Analyst, MITRE Corporation
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471

