3 matches found
TTP Table for Detecting APT Activity Related to SolarWinds and Active Directory/M365 Compromise
CISA has released a table of tactics, techniques, and procedures TTPs used by the advanced persistent threat APT actor involved with the recent SolarWinds and Active Directory/M365 compromise. The table uses the MITRE ATT&CK framework to identify APT TTPs and includes detection recommendations...
NSA Releases Cybersecurity Advisory on Detecting Abuse of Authentication Mechanisms
The National Security Agency NSA has released a cybersecurity advisory on detecting abuse of authentication mechanisms. This advisory describes tactics, techniques, and procedures used by malicious cyber actors to access protected data in the cloud and provides guidance on defending against and...
Threat Outbreak Alert RuleID6396: Email Messages Distributing Malicious Software on June 6, 2016
Medium Alert ID: 40056 First Published: 2015 July 20 20:34 GMT Last Updated: 2016 June 7 11:36 GMT Version: 70 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID6396 and...