▾ G11 Media Network: | ChannelCity | ImpresaCity | SecurityOpenLab | GreenCity | Italian Channel Awards | Italian Project Awards | ...
InnovationOpenLab

MITRE Engenuity™ Releases Findings of New MITRE ATT&CK® Evaluations for 11 Managed Security Service Providers

#ATTCK--MITRE Engenuity ATT&CK® Evaluations (ATT&CK Evals) released its second round of independent ATT&CK Evaluations for managed security services providers (MSSP). Through the lens of ...

Business Wire

ATT&CK Evaluations test cybersecurity providers against adversary behavior informed by menuPass and ALPHV/BlackCat Ransomware

MCLEAN, Va. & BEDFORD, Mass.: #ATTCK--MITRE Engenuity ATT&CK® Evaluations (ATT&CK Evals) released its second round of independent ATT&CK Evaluations for managed security services providers (MSSP). Through the lens of the MITRE ATT&CK knowledge base, this round of ATT&CK Evals focused on adversary behavior informed by menuPass (G0045), a Chinese-based threat group, and an ALPHV/BlackCat ransomware affiliate.

“In collaboration with the 11 providers who participated in this round of ATT&CK Evaluations Managed Services, we rigorously and transparently tested services against two well-known and prolific adversaries,” said William Booth, general manager, ATT&CK Evals, MITRE Engenuity. “The evidence-based results of the evaluation are a valuable resource for organizations in determining which security solutions best address their needs.”

The participants of this evaluation included:

Results of the evaluations are posted at https://attackevals.mitre-engenuity.org/.

This round of ATT&CK Evals emulated a multi-subsidiary compromise with overlapping operations focusing on defense evasion, exploiting trusted relationships, data encryption, and inhibiting system recovery. ATT&CK Evals mirrored the techniques and malware of menuPass, as well as an ALPHV/BlackCat affiliate’s deployment of BlackCat ransomware to Windows and Linux ESXi servers, highlighting data encryption/destruction and system recovery obstruction behaviors.

Active since at least 2006, menuPass (aka APT10) is believed to be sponsored by the Chinese Ministry of State Security. The group focuses on the exfiltration of sensitive data such as intellectual property and business intelligence in support of Chinese national security objectives. menuPass has targeted the aerospace, construction, engineering, government, and telecommunications sectors primarily in the U.S., Europe, Japan, and Southeast Asia.

“menuPass exemplifies the sophistication and versatility of modern adversaries,” said Amy Robertson, cyber threat intelligence engineering lead, ATT&CK Evals. “The group has demonstrated an affinity to living-off-the-land, while obscuring their activities through fileless execution and obfuscation to evade security controls and hinder analysis. They also have infiltrated trusted relationships to amplify their reach, representing a threat adept at exploiting vulnerabilities in both technology and trust itself."

ALPHV/BlackCat, a prolific Russian-speaking RaaS group that emerged in 2021, is linked to BlackMatter, DarkSide, REvil, and other RaaS groups. ALPHV/BlackCat utilizes ransomware coded in Rust, allowing for enhanced performance, flexibility, and cross-platform capabilities. Group affiliates are alleged to have targeted more than 1,000 victims across the globe, prior to the FBI’s disruption of the group.

“ALPHV/BlackCat represents a potent, multi-vector threat, capitalizing on technical innovations to maximize impact,” added Robertson. “The group’s ransomware-as-a-service (RaaS) model enabled affiliates to leverage defense evasion techniques like obfuscation and kill processes to disable defenses, and to use core data encryption functionality to cripple business operations across sectors.”

Within the evaluation, emulation of menuPass and ALPHV/BlackCat assessed a provider’s ability to detect threats that prioritize stealth, leverage trusted relationships and system tools, and inhibit system recovery through data destruction and encryption.

ABOUT MITRE ENGENUITY

MITRE Engenuity, a subsidiary of MITRE, is a tech foundation for public good. MITRE’s mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded R&D centers, we work across government and in partnership with industry to tackle challenges to the safety, stability, and well-being of our nation.

MITRE Engenuity brings MITRE’s deep technical know-how and systems thinking to the private sector to solve complex challenges that government alone cannot solve. MITRE Engenuity catalyzes the collective R&D strength of the broader U.S. federal government, academia, and private sector to tackle national and global challenges. www.mitre-engenuity.org

ABOUT MITRE ENGENUITY ATT&CK® EVALUATIONS

ATT&CK® Evaluations is built on the backbone of MITRE’s objective insight and conflict-free perspective. Cybersecurity vendors turn to the ATT&CK Evals program to improve their offerings and to provide defenders with insights into their product’s capabilities and performance. ATT&CK Evals enables defenders to make better informed decisions on how to leverage the products that secure their networks. The program follows a rigorous, transparent methodology, using a collaborative, threat-informed, purple-teaming approach that brings together vendors and MITRE experts to evaluate solutions within the context of ATT&CK. In line with MITRE Engenuity’s commitment to serve the public good, ATT&CK Evals results and threat emulation plans are freely accessible. https://attackevals.mitre-engenuity.org/

Fonte: Business Wire

If you liked this article and want to stay up to date with news from InnovationOpenLab.com subscribe to ours Free newsletter.

Related news

Last News

Sparkle works on environmentally sustainable content distribution

The Italian company partners with MainStreaming for high-performance, energy-efficient video streaming

Fintech: Links tests the use of exponential technologies in the banking…

Links Management and Technology just concluded the testing phase of a research project focused on banking transformation

Axyon AI: Italian Artificial Intelligence for Finance applications

Axyon AI offers an AI platform specifically designed for asset management, with several interesting strengths for those approaching machine/deep learning…

Italian Artificial Intelligence tackles medical emergencies at sea

Mermaid-AI is a telehealth platform at sea based on a visor equipped with an AR, medical Artificial Intelligence algorithms, satellite communications…

Most read

Sparkle works on environmentally sustainable content distribution

The Italian company partners with MainStreaming for high-performance, energy-efficient video streaming

GlassHive Announces Integration with ConnectWise to Elevate the ConnectWise…

#businessautomation--GlassHive, a trailblazer in sales and marketing automation, has announced an integration with ConnectWise, a leading provider of…

SaaS Platforms Give North American Insurers Speed, Agility

$III #AI--Insurance companies in North America are upgrading systems and adopting advanced technologies to overcome the limitations of decades-old IT…

Faraday Future to Host an Investor Community Day at its HQ in Los Angeles…

Faraday Future Intelligent Electric Inc. (Nasdaq: FFIE) (“FF” or the “Company”), a California-based global shared intelligent electric mobility ecosystem…

Newsletter signup

Join our mailing list to get weekly updates delivered to your inbox.

Sign me up!