Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/SophosXOps/statuses/111853326268319787">Sophos X-Ops (sophosxops@infosec.exchange)'s status on Thursday, 01-Feb-2024 09:26:19 JST</a><a href="https://infosec.exchange/@SophosXOps" title="sophosxops@infosec.exchange"><img src="https://gnusocial.jp/avatar/239450-48-20240201002619.webp" width="48" height="48" alt="Sophos X-Ops" style="position: absolute; left: 0; top: 0;">Sophos X-Ops</a></section><article><p>In August of last year, Sophos X-Ops unveiled its approach to attribution: Rather than focusing on the “who” of attacks, Sophos X-Ops focuses on the “how.” By analyzing highly specific behavioral clues left behind by the attackers, we can find new links between threat activity clusters (TACs) to shorten two of the most critical pieces of responding to an attack: time to detect and time to respond.</p><p>On Monday this week, Sophos X-Ops' Morgan Demboski presented our threat activity cluster system at the SANS Cyber Threat Intelligence Summit, specifically as it relates to unraveling the complex underground ransomware network. </p><p><a href="https://news.sophos.com/en-us/2023/08/08/enough-attribution-to-count/" rel="nofollow noreferrer">https://news.sophos.com/en-us/2023/08/08/enough-attribution-to-count/</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2661615#notice-5274511">In conversation</a><time datetime="2024-02-01T09:26:19+09:00" title="Thursday, 01-Feb-2024 09:26:19 JST">about a year ago</time> <span>from <span><a href="https://infosec.exchange/@SophosXOps/111853326268319787" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@SophosXOps/111853326268319787">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: news.sophos.com</div><h5><a href="https://news.sophos.com/en-us/2023/08/08/enough-attribution-to-count/">Enough attribution to count</a></h5><div> from <span>Chester Wisniewski</span></div></header><div>Naming and shaming the bad guys can be gratifying, but for practical protection, Threat Activity Clusters are the way</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Sophos X-Ops (sophosxops@infosec.exchange)'s status on Thursday, 01-Feb-2024 09:26:19 JST Sophos X-Ops
In August of last year, Sophos X-Ops unveiled its approach to attribution: Rather than focusing on the “who” of attacks, Sophos X-Ops focuses on the “how.” By analyzing highly specific behavioral clues left behind by the attackers, we can find new links between threat activity clusters (TACs) to shorten two of the most critical pieces of responding to an attack: time to detect and time to respond.
On Monday this week, Sophos X-Ops' Morgan Demboski presented our threat activity cluster system at the SANS Cyber Threat Intelligence Summit, specifically as it relates to unraveling the complex underground ransomware network.
https://news.sophos.com/en-us/2023/08/08/enough-attribution-to-count/
In conversationabout a year ago from infosec.exchangepermalink
Attachments
1. Domain not in remote thumbnail source whitelist: news.sophos.com
  Enough attribution to count
  from Chester Wisniewski
  Naming and shaming the bad guys can be gratifying, but for practical protection, Threat Activity Clusters are the way

Public

Embed Notice

HTML Code

Corresponding Notice