Tidal Cyber

Making Threat-Informed Defense a Reality. Info, opinions, and insights from our team on our experiences with #threatinformeddefense. Experience the free Tidal Community Edition at https://app.tidalcyber.com.

Are you in Montreal for #FIRSTCon2023? Stop by the Tidal Cyber table to learn how we’re making threat-informed defense easy, and to enter our booth raffle for a pair of Beats earbuds!

Our Director of CTI and Principal Data Scientist are both on site; they’ll be speaking on Friday about #ransomware. Don’t miss their presentation!

#cybersecurity #firstcon

A key part of #threatinformeddefense is focusing on threats relevant to you, but how do you know what threats those are? Developing a cyber threat profile is crucial, but many organizations find the process overwhelming.

We're excited to release our latest ebook, The Ultimate Guide to Cyber Threat Profiling! In this comprehensive guide, our Director of CTI lays out the strategic benefits of threat profiling, how to build your first threat profile, and more.

#threatintel #cybersecurity #cyberthreat

https://hubs.la/Q01R8SHT0

The Ultimate Guide to Cyber Threat Profiling

Do you know what cyber threats matter to your organization? Download The Ultimate Guide to Cyber Threat Profiling to learn how to identify them.

Introducing the newest major @tidalcyber TTP intelligence content roundup, the Initial Access & Malware Delivery Landscape matrix, now live in our free Community Edition platform: https://app.tidalcyber.com/share/43836024-a194-4ac7-9659-b51e88632e7f

The matrix covers 25 major & emerging #malware typically used to gain early footholds in victim environments, often leading to ingress of more impactful threats, especially #ransomware, #infostealers, cryptominers, & more. It includes many recognizable names (#QakBot, #IcedID, #Emotet, #Bumblebee, #Gootloader) plus several newer and less-discussed threats

The matrix includes 13 custom Technique Sets for threats not currently tracked in the #mitreattack knowledge base. All technique references derive from a large volume of recent, public #threat reporting (click the labels in the ribbon at the top of the matrix to view relevant source URLs for each threat)

An interactive link analysis visualization of connections among these threats, also derived from public reports, is also available here: https://onodo.org/visualizations/235067/

Community Edition matrices support easy identification of shared (and outlier) techniques among multiple threats, and quick & easy overlay or pivoting to defensive & offensive security capabilities relevant to your own #security stack. We’ll have a blog out soon reviewing our analysis of top & trending techniques common among these initial access threats

Tidal’s #Adversary Intelligence team remains focused on providing up-to-date #TTPintelligence, especially around traditionally under-represented yet widely relevant threats like crimeware. Other popular matrices in this theme include our Ransomware & Data Extortion Landscape matrix (https://app.tidalcyber.com/share/9a0fd4e6-1daf-4f98-a91d-b73003eb2d6a) and Major & Emerging Infostealers matrix (https://app.tidalcyber.com/share/ec62f5e0-bd40-476b-a560-7ad2779ea9e3), which each cover 20+ threats

Financially motivated adversaries often display a rapid pace of #TTP evolution, and this is especially apparent for #initialaccess threats. Register for our webinar on May 31 dedicated to TTP evolution, its drivers, and discussion around what defenders can do to address it and its implications: https://hubs.la/Q01NC23k0

#SharedWithTidal #threatinformeddefense #malware #infostealer #cryptominer #IAB #blueteam #detectionengineering #purpleteam #cyber

Tidal Cyber

Threat-Informed Defense

We're excited to welcome @loginsoft to the Tidal Product Registry! You can now explore their System-41 analytics to detect potential cyber threats in the Tidal Community Edition, and add them to your matrix to check coverage against specific threat actors or groups. Be sure to check them out!

https://hubs.la/Q01NkXgn0

#tidalproductregistry #threatinformeddefense #threatintel #cybersecurity

There's still time to register for our #webinar tomorrow exploring initial access threats and #malware delivery! You won't want to miss this presentation: our Director of CTI will present research on remote access trojans (RATs), loaders, and other initial access threats, and provide recommendations for prioritization. Join us at noon ET tomorrow!

#threatinformeddefense #cybersecurity #initialaccessthreats #threatintel

https://www.brighttalk.com/webcast/19703/578939?utm_source=organic-social&utm_medium=brighttalk&utm_campaign=578939

Initial Access & Malware Delivery Landscape: Top Threats and TTPs

This webcast provides a broad overview of the top cyber threats currently used to gain initial footholds into victim environments and deliver a wide range of other, usually more impactful malware. Our research into loaders, remote access trojans (RATs), and other initial access threats fills a notable community knowledge gap by aggregating the TTPs associated with newer or resurging threats, including SocGholish, Gootloader, Raspberry Robin, IcedID, BumbleBee, Emotet, and more, and aligning them to a common lexicon (MITRE ATT&CK®) for quicker pivoting into defensive actions. Although many of these threats are responsible for high infection volumes and are notoriously adept at modifying their TTPs, there has yet to be a comprehensive survey of how techniques might be shared (or differ) among the various operations, campaigns, & malware. This session will especially spotlight common early-stage attack techniques and overlaps in second- or later-stage payloads, helping defenders identify opportunities to prioritize their work and make the most efficient use of finite time & resources.

BrightTALK

The Enterprise Edition of the Tidal Platform was created to help CISOs and large organizations reap the benefits of adversary behavior data and #threatinformeddefense. In this blog, our CEO discusses how the Enterprise Edition builds on MITRE ATT&CK® and the benefits it brings to security leaders. Check it out!

#ciso #threatintel #cybersecurity

https://www.tidalcyber.com/blog/announcing-tidal-cyber-enterprise-edition

Announcing Tidal Cyber's Enterprise Edition

Tidal Cyber is excited to launch the Enterprise Edition of its threat-informed defense platform. Read more in this blog from our CEO.

We are excited to announce today that our Enterprise Edition is generally available! The Enterprise Edition fully operationalizes threat-informed defense for large organizations and security teams. It brings a robust feature set including advanced threat profiling, coverage maps, and the Tidal Confidence Score™.

"The Enterprise Edition of the Tidal Cyber platform has helped my team save countless hours as we work to defend Winton," said Edward Millington, Head of Information Security at Winton. "The way that Tidal has operationalized adversary technique data is unique and makes it possible for us to truly adopt threat-informed defense."

Read more in the press release!

#threatinformeddefense #threatintel #cybersecurity #pressrelease #infosec

https://www.tidalcyber.com/newsroom/tidal-cyber-launches-enterprise-edition-of-threat-informed-defense-platform

Tidal Cyber Launches Enterprise Edition of Threat-Informed Defense Platform

Tidal Cyber has launched the Enterprise Edition of its threat-informed defense platform to operationalize threat-informed defense for large enterprises.

Although initial access threats like loaders and remote access trojans are responsible for many infections and notoriously frequently change their TTPs, there hasn't been a full survey of the entire initial access threat landscape. Join us on Thursday, April 13 at noon ET where we'll discuss the full initial access threat threatscape and highlight overlaps to help defenders prioritize their efforts.

#cybersecurity #threatintel #threatintelligence #threatinformeddefense

https://www.brighttalk.com/webcast/19703/578939?utm_source=organic-social&utm_medium=brighttalk&utm_campaign=578939

Ready or not, April's here and it's time to look back at March's top TTPs! In March, the Tidal Adversary Intelligence Team added 721 technique references to the Tidal knowledge base. Check out our latest Making Waves blog post to learn more about the trending TTPs last month.

#threatintel #ttp #cyberthreat #threatinformeddefense

https://www.tidalcyber.com/blog/making-waves-ttp-intelligence-highlights-in-march

Making Waves: TTP Intelligence Highlights in March

Here is the TTP intelligence we added to the Tidal knowledge base last month and how you can take defensive action.

Today's the day! You won't want to miss our review of the top #TTPs across the first quarter of 2023. We'll also be talking defensive takeaways and what we can learn from the first quarter as we head into the rest of the year. Join us at noon ET!

#threatintel #cyberdefense #threatinformeddefense #cybersecurity

https://www.brighttalk.com/webcast/19703/574914?utm_source=linkedin&utm_medium=brighttalk&utm_campaign=574914

One Quarter Down: Top TTPs in Q1 2023 and Key Defensive Takeaways

Key cyber adversaries regularly change their techniques to better accomplish their goals. Already in 2023, we’ve seen evolutions in the ransomware and infostealer landscapes, as well as additional shifts in techniques from espionage actors. This session will explore some of the highlights of TTP (tactics, techniques, and procedures) intelligence from the first quarter of 2023 and discuss defensive actions to take in response to this intelligence.
