Microsoft case study of TTPs in a ransomware attack
The Microsoft Detection and Response Team (DART) has published a detailed technical case study of the TTPs used in an attack where the actor eventually deployed the Cuba ransomware.
This study describes how the actor was able to use commodity tools to launch malicious code and gain persistence. Importantly, it also includes technical measures that organisations can use to monitor networks to detect TTPs and anomalous behaviour.
Ransomware continues to be a threat to organisations globally as actors’ techniques evolve. The findings here again show why it’s so important for organisations to take proactive action to monitor networks.
The NCSC has guidance for organisations advising how to mitigate ransomware and other malware.
Google support for Chrome browser on Windows 7 and 8/8.1 to end in early 2023
Google has announced that from February 2023 it will no longer support Chrome running on Windows 7 and Windows 8/8.1, so no updates will be released.
This is also a timely reminder that Microsoft support for Windows 7 and 8.1 ends in January 2023.
Running out-of-support operating systems presents a real security threat. The NCSC has advice for organisations on keeping software up to date and managing obsolete products.
New professional standard for cyber security professionals in the UK
The UK Cyber Security Council has launched a pilot programme to bring a universally recognised professional standard to the cyber security profession.
Cyber security professionals will be able to achieve three titles: Associate, Principal or Chartered status, which will recognise their skills, experience and knowledge. The aim is to bring clarity for both practitioners and employers across the UK.
The pilot will focus on two specialisms: Cyber Security Governance & Risk Management and Secure System Architecture & Design.
Blog from NCSC Technical Director, reflecting on some big cyber security questions
The outgoing NCSC Technical Director Ian Levy has written a valedictory blog, which considers a number of big-topic cyber security questions, including:
- why it’s important to address the root causes of difficult security problems
- how the cyber security community should get better at learning from the past
- the need to balance commercial and national security interests
The blog concludes with ‘a grand unified theory of the cyberz’, with a goal to deliver ‘repeatable, evidence-based, rigorous cyber security, which in the end is what cyber security is all about’.