Threat Management

Since D3FEND was founded to fill a gap created by the MITRE ATT&CK Matrix, it has come a long way. We discuss the details of the 1.0 release of D3FEND with Peter in this episode, along with some of the new tools they've built to go along with this milestone. To use MITRE's own words to describe the gap this project fills: "it is necessary tha...

The group behind the 2023 MOVEit attacks says it is deleting previous victims’ data to focus on its Cleo campaign.

Cellebrite is one of a number of developers that develop mobile device exploit and surveillance tools marketed as "forensics" software for law enforcement agencies investigating crimes.

Threat actors associated with the notorious North Korean hacking outfit Lazarus Group are now setting their sites on targets in the nuclear power sector

An attacker with local access can grab admin credentials from active memory prior to deletion.

China appears to be merging its government and malware operations to create a new surveillance platform for Android devices.

Attacks conducted by the threat actors since March involved the exploitation of numerous open-source tools and scripts to discover AWS's 26.8 million IP addresses, whose domain addresses were later obtained through a Shodan search, an analysis by cybersecurity researchers Noam Rotem and Ran Locar published on vpnMentor showed.

Dysentery, TP-Link, Piracy, Calendar Scams, Tencent, TikTok, Aaran Leyland, and More, on this edition of the Security Weekly News.

Deloitte, e-Tattoos, Web 3.0, Cp3o, Chemonics, IPv6, the Number 6, Chinese Emperors, Aaran Leyland, and More, on this edition of the Security Weekly News.

A notorious Kremlin-backed hacking group is using a legitimate network service to coordinate targeted attacks.