TL;DR: First and foremost, apply patches to the Exchange infrastructure. Assume compromise. It’s been reported that the attackers launched a massive compromise attack against 60,000+ Exchange Servers before patches became available, and many other attackers are actively looking for exploited…
MITRE ATT&CK
Enriching MITRE ATT&CK Techniques for Better Threat Detection
Tags: MITRE ATT&CK
Category: LogRhythm Labs | Security Tips and Tricks
Type: Webcasts

A Guide to Detecting Microsoft Exchange Zero-Day Exploits
Tags: MITRE ATT&CK | Zero-Day
Category: LogRhythm Labs
Type: Blog

Network Threat Hunting Made Easy With the MistNet NDR MITRE ATT&CK™ Engine
Tags: MistNet | MITRE ATT&CK
Category: Product News
Type: Blog
Security professionals are widely adopting MITRE ATT&CK™ for network threat hunting. ATT&CK stands for Adversarial Tactics, Techniques and Common Knowledge, and it represents a globally accessible information base of adversary tactics and techniques based on real-world observations. MITRE ATT&CK provides…

LogRhythm MITRE ATT&CK Knowledge Base (KB) Module 2.0
Tags: MITRE ATT&CK
Category: LogRhythm Labs
Type: Blog
Major Update to the LogRhythm MITRE ATT&CK KB Module: When LogRhythm originally developed and launched the MITRE ATT&CK Knowledge Base (KB) Module, we worked under MITRE ATT&CK’s version 6. The MITRE ATT&CK framework is constantly developing, and many changes have…

Lateral Movement and How to Detect It
Tags: MITRE ATT&CK | UEBA
Category: Security Tips and Tricks
Type: Blog
You may have heard of the concept of lateral movement within the context of security operations and possess a general idea of how threat actors leverage this tactic to gain access to your data. But what exactly is lateral movement?…