Raiders of the Lost ARP

Amateur Security Archaeologists, trying not to break things.

Tag: CTI (Page 6 of 11)

AI generated image of a middle-aged adventurer trying to escape threats from all sides.
It's January, shouldn't you meatheads be at the gym and not in my network?

What’s causing Mike’s Indigestion now? Injustice League (26 Jan 2024)

January 25, 2024 /

Hey folks! This may be the last one of these for a couple of weeks, because I am headed to Amsterdam for Cisco Live Europe! I am excited to be talking about MITRE ATT&CK and helping facilitate a Threat Picture discussion with my good friend King Mark. We’ve got a lot of nation stake hackers causing a ruckus, so let’s go ahead and get into the threat update and look in on some news!

Continue reading
AI-generated photo of a bunch of hackers seemingly posing for a reunion photo.
Conti really wanted to make the 10th reunion, but extradition stood in the way...

What scares you most? How great Threat Pictures are made!

January 22, 2024 /

Most of the posts in the past couple of months have focused on threat modeling tools and use cases. Process-level stuff is interesting, but how do we make sure the inputs are valid? My good friend Mark and I explore that with customers during our Cisco Live interactive breakout, and the things we learn are eye-opening! You can have all the process in the world, but if the inputs are trash, so too will be the outputs. How do we get to the root of it all: What scares you most? We need to ensure we aren’t just wasting our time, right? So how do we paint a great threat picture?

Continue reading
AI Generated image of a weakling adventurer struggling to climb a small wall due to his lack of preparation.
Looks like our hero needs to hit the weight room!

What’s causing Mike’s Indigestion now? Infrastructure Weak! (19 Jan 2024)

January 18, 2024 /

Good morning folks! I had a great time leading a Threat Hunting Workshop at my alma mater, RIT, and meeting some awesome customers, but in my travels I gathered some updates on the threat & vuln side of things that we all should be aware of. And before we get started, I meant to spell “Weak” that way – so let’s get started!:

Continue reading
AI-generated image of a hacker in an aloha shirt trying like crazy to put together a very complex puzzle of all of MITRE ATT&CK's related projects.
MITRE sent me an easy puzzle, but the community blew up the piece count!

Power-up your security: Mapping ATT&CK’s massive ecosystem

January 14, 2024 /

If you are a security professional, MITRE’s ATT&CK is everywhere these days. Even in places it does not belong! That being said, there are a ton of tools, projects, and extensions to ATT&CK. Some are fundamental (like Navigator) while others are niche. How do we tell what is right for us? What projects are essential to power up your security program? For my upcoming Cisco Live presentation in February, I take a crack at mapping ATT&CK’s massive ecosystem to roles and functions. Am I off to a good start? Let’s me share how I tackled this and you can let me know!

Continue reading
AI-generated impage of a little fighter getting the better of a tyrant. These pesky little guys just keep on refusing to quit!
These pesky little guys just keep on refusing to quit!

What’s causing Mike’s Indigestion now? Happy New Fear! (12 Jan 2024)

January 11, 2024 /

Good morning folks! I had a great time in Boston this week hanging out with a cool partner, but in my travels I gathered some updates on the threat side of things that we all should be aware of:

Score one for the good guys!

Cisco Talos and Avast teamed up with Dutch authorities to take down the Babuk Torilla ransomware strain’s key folks, and they have also worked together to provide a decryptor for potential victims.

Continue reading
« Older posts Newer posts »

© 2025 Raiders of the Lost ARP

Theme by Anders NorenUp ↑

Verified by MonsterInsights