The introduction of the MITRE ATT&CK evaluations is a welcomed addition to the third-party testing arena. The ATT&CK framework, and the evaluations in particular, have gone such a long way in helping advance the security industry as a whole, and the individual security products serving the market. The insight garnered from these evaluations is incredibly…
Read More
Full disclosure: I am a security product testing nerd*. I’ve been following the MITRE ATT&CK Framework for a while, and this week the results were released of the most recent evaluation using APT29 otherwise known as COZY BEAR. First, here’s a snapshot of the Trend eval results as I understand them (rounded down): 91.79%…
Read More
A growing concern of security professionals is internal phishing attacks – phishing emails sent from one trusted user to another of the same organization. Internal phishing emails are used in multi-stage attacks in which an email account is owned either by controlling the users device with previously installed malware or by compromising the account credentials…
Read More
