MITRE ATT&CK

A Guide to Detecting Microsoft Exchange Zero-Day Exploits

TL;DR First and foremost, apply patches to the Exchange infrastructure. Assume compromise. It’s been reported that the attackers launched a massive compromise attack against 60,000+ Exchange Servers before patches became available, and many other attackers are actively looking for exploited…

Network Threat Hunting Made Easy With the MistNet NDR MITRE ATT&CK™ Engine

Security professionals are widely adopting MITRE ATT&CK™ for network threat hunting. ATT&CK stands for Adversarial Tactics, Techniques and Common Knowledge, and it represents a globally accessible information base of adversary tactics and techniques based on real-world observations. MITRE ATT&CK provides…

LogRhythm MITRE ATT&CK Knowledge Base (KB) Module 2.0

Major Update to the LogRhythm MITRE ATT&CK KB Module When LogRhythm originally developed and launched the MITRE ATT&CK Knowledge Base (KB) Module, we worked under MITRE ATT&CK’s version 6. MITRE is constantly developing the ATT&CK framework, and many changes have…

Lateral Movement and How to Detect It

You may have heard of the concept of lateral movement within the context of security operations and possess a general idea of how threat actors leverage this tactic to gain access to your data. But what exactly is lateral movement?…