Latest advances in MITRE’s ATT&CK framework

Lots of good stuff going on for MITRE ATT&CK framework. It’s great to see the whole project evolving and stimulating cybersecurity community to better analyse intrusions and actors, enhance controls and active defense activities. See some of the latest updates:

Continue reading “Latest advances in MITRE’s ATT&CK framework” →

Costin Raiu on future sophisticated attacks

It was ~2 weeks ago when Costin Raiu wrote an article on “Where are all the ‘A’s in APT?”. In this article, Costin focused on what is regarded as sophisticated in observed APT attacks as well as how future detected sophisticated attacks will look like:

Continue reading “Costin Raiu on future sophisticated attacks” →

A Study on Threat Intelligence Platforms (TIPs)

ENISA has released the first comprehensive study on cyber Threat Intelligence Platforms (TIPs) focused on the needs of TIP users, developers, vendors and the security research community.

The study channels its efforts into identifying some of the key opportunities and limitations of existing platforms and solutions, since information exchange formats and tools remain central items on the agenda of the cybersecurity community in general, and particularly of incident responders.

Continue reading “A Study on Threat Intelligence Platforms (TIPs)” →

ENISA Report on Tools and Methodologies for CSIRTs and Law Enforcement Collaboration

European Union Agency for Network and Information Security (ENISA) has recently released the report on Tools and Methodologies to Support Cooperation between CSIRTs and Law Enforcement.

The report aims to support the cooperation between CSIRTs – in particular national/governmental CSIRTs – and LEAs in their fight against cybercrime, by providing information on the framework and on the technical aspects of the cooperation, identifying current shortcomings, and formulating and proposing recommendations on technical aspects to enhance the cooperation.

Continue reading “ENISA Report on Tools and Methodologies for CSIRTs and Law Enforcement Collaboration” →

ENISA Threat Landscape 2016

The ENISA Threat Landscape 2016 is out! This is the annual report published by ENISA that provides useful insights on the cyber threats observed during the past year. Apart from the top cyber threats, the report provides information on threat actors and major attack vectors observed. Finally, the conclusion section provides a collection of issues that will challenge the cyber-security community in the coming months/year in various degrees of intensity.

Some highlights of the report are the following ones:

Cyber Threat Intelligence and ETL – “Cyber Threat Intelligence: State-of-play” and the “CTI Big Picture“
Threat Agents – “Trends” and “Top threat agents and motives“
Conclusions – “Main cyber-issues ahead” and “Conclusions“

Read below the executive summary of the report:

Continue reading “ENISA Threat Landscape 2016” →

Adi Shamir makes 15 predictions for the next 15 years!

aaeaaqaaaaaaaavvaaaajgjjmjy3ytlllwy0ndmtngmzzi05zjm4lwziywrkmmqxnwuyyg

Adi Shamir makes 15 predictions for the next 15 years in his anniversary keynote “Financial Cryptography: Past, Present, and Future” at Financial Cryptography 2016 ( below bullets are copied from Ross Andreson’s blog post):
Continue reading “Adi Shamir makes 15 predictions for the next 15 years!” →

Tilting at windmills

A blog about cyber threat intelligence and incident response.

Category: cybersecurity