Mitre ATT&CK Framework Update
It is time for another blog post, this time looking at the recent update to the Mitre ATT&CK framework. The Mitre ATT&CK framework version 9 was released on 29th April, which contained many additional techniques and sub-techniques. As Elemendar’s READ product uses Mitre ATT&CK to extract attack patterns from CTI
Elemendar News 18 – Feb / March 21
The sharp-eyed among you may have noticed we released no news for Feb. We’ve been so busy since our successful fundraise in Dec that I sat down to write it and only then realised we were in late March already. Despite the pandemic, time is moving swiftly in cybersecurity and
STIX2.1 Update Overview
Firstly, this is a picture of my much-loved tortoise Bob. We have another named Terabyte, but she doesn’t like the camera. And of course, we have a bundle of sticks. I couldn’t find a picture of sticks that I liked, so I took this one, with Bob. At Elemendar, we
Spectre Exploit Technical Analysis
CVE-2017-5753, commonly known as Spectre, is a side-channel attack which exploits the speculative execution processes performed by modern CPU’s. So what do these terms mean? Side-channel attacks A side-channel attack is an attack based on information gained from the actual implementation of a computer system, rather than weaknesses in an
Open Source CTI & Foresight Analysis
Looking at different use cases for Open Source Intelligence - contrasting ‘Foresight analysis’ with ‘Cyber Threat Intelligence’ Open-source intelligence means using data and information that is readily available (generally for free) in the public domain to gain a better understanding of things. In this post, I’m going to explore two
5 hours’ CTI in just 18 seconds!
So, here we are in Jan 2021. A new year. Please take a well deserved deep breath. Here at Elemendar (like most of us in cyber) we are busy. Already since our successful raise in December, we have four new full-time team members. This brings us to eleven full time and