BPFDoor, a UNIX backdoor allegedly used by Chinese threat actors, is a smart backdoor that does not need to open additional ports when the attacker wants to connect to the compromised host.
MITRE Engage is a framework that systematizes adversary engagement. MITRE Engage replaces the MITRE Shield knowledge base, focusing on the areas of denial, deception, and adversary engagement.
If you have been following our blog, you already know that we are big fans of the MITRE ATT&CK framework. ATT&CK has become the de facto framework for describing attacker tactics, techniques and procedures (TTPs).
The Lapsus$ hacking group has targeted (and successfully breached) a number of high-profile technology groups. It first gained the spotlight for a ransomware attack against the Brazilian Ministry of Health at the end of 2021, and has been quite busy since, targeting high-profile technology companies.
Threat intel is broken. As we’ve spoken about before, generic threat intel wastes a lot of time. It’s not efficient, and often it’s not even effective.