Weekly Digest:
- Understanding and Mitigating Insider Threats: A Comprehensive Approach (Published on July 15, 2023) Insider threats pose a significant cybersecurity risk that originates from within an organisation. These threats can come from current or former employees, contractors, or anyone else with intimate knowledge of the organisation’s systems and procedures. The article provides a comprehensive approach to mitigate these threats, including establishing a robust insider threat program, educating and training employees, monitoring user activity, and implementing strict access controls. More details
- Threat Actor Profile: APT29 (Published on July 16, 2023) APT29, also known as Cozy Bear, is a Russian hacker group believed to be affiliated with one or more Russian intelligence agencies. The group has been operating since at least 2008 and is known for its advanced capabilities to launch highly targeted attacks like the SolarWinds supply-chain attacks. The article provides insights into their tactics, techniques, and procedures (TTPs), known exploits, target geography, and motivations. More details
- Insecure Direct Object References (IDOR) (Published on July 17, 2023) Insecure Direct Object References (IDOR) vulnerabilities pose a significant threat to web application security. The article provides a comprehensive exploration of IDOR, its implications, and how it can be mitigated. It also includes popular tutorials for exploiting IDOR and case studies highlighting the impact of IDOR vulnerabilities. More details
- MITRE Engenuity Introduces Threat Report ATT&CK Mapper (TRAM) (Published on July 18, 2023) MITRE Engenuity’s Centre for Threat-Informed Defence has developed a new open-source platform, the Threat Report ATT&CK Mapper (TRAM). TRAM is designed to advance research into automating the mapping of cyber threat intelligence reports to known tactics, techniques, and procedures (TTPs). More details
Other Cybersecurity News
In addition to the articles from Threat Intelligence Report, there have been several other significant developments in the world of cybersecurity over the past week:
- The Biden-Harris Administration announced a new cybersecurity labeling program for smart devices to protect American consumers. The National Institute of Standards and Technology (NIST) will complete this work by the end of 2023. More details
- Cybersecurity news outlet Secmentis reported that LockBit and Clop were responsible for almost 40% of June’s ransomware attacks. More details
- Cybersecurity news outlet Cyware reported a surge in Mallox Ransomware activity by 174%. More details
- Microsoft released security updates to address multiple vulnerabilities in Microsoft software. More details