Geeks for your information Security Security Vendors EmsiSoft Emsisoft Blog Articles v
New in 2021.10: Introducing MITRE ATT&CK malware behavior patterns
New in 2021.10: Introducing MITRE ATT&CK malware behavior patterns
harlan4096 Offline
MalWare Zoo Team
*******
Posts: 16,113
Threads: 10,248
Thanks Received: 9,332 in 7,478 posts
Thanks Given: 10,289
Joined: 12 September 18
#1
Information  05 October 21, 06:15
Quote:
[Image: Blog_202110.png.webp]

New support for MITRE ATT&CK behavior patterns

MITRE ATT&CK is a public knowledge base of adversary tactics and techniques. It allows standardized classification of malware behavior patterns. More information here.

The new Incidents panel in MyEmsisoft now provides information on which behavior patterns are used by alerted threats. While not all MITRE ATT&CK patterns apply to endpoints, many do. With this month’s release, we are adding an initial set of 7 supported malware tactics. Over the next few months, we plan to add support for more than 100 of them to cover the entire spectrum of endpoint security-related threats.

When you open an Incident in your workspace you will see which MITRE ATT&CK tactics were found in the alerted process.

Please note that this feature is only available in Emsisoft Business Security and Emsisoft Enterprise Security plans. Compare editions.

All 2021.10 improvements in a nutshell

Device protection (desktop)
  • As announced earlier, we are ending support for operating systems older than Windows 10 and also end support for non-64-bit systems. From here on, installations on non-supported systems will no longer receive software updates but malware detection updates only.
  • New UI customization feature to disable workspace management controls on devices.
  • Several minor tweaks and fixes.
Management console (web app)
  • New UI customization feature to disable workspace management controls on devices (via protection policies).
  • Several minor tweaks and fixes.
How to obtain the new version

As always, so long as you have auto-updates enabled in the software, you will receive the latest version automatically during your regularly scheduled updates, which are hourly by default.

Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings for your clients, they will receive the new software version no earlier than 30 days after the regular “Stable” availability. This gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically.

Have a great and well-protected day!
...
Continue Reading
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
QOwnNotes
26.4.0  LanguageT...Kool — 08:39
Surfshark VPN : Award-winning VPN servi...
Surfshark Apps Ver...jasonX — 04:41
Surfshark VPN : Award-winning VPN servi...
Surfshark launches...jasonX — 03:43
ESET 19.1.12.0
Changes in 19.1.12...harlan4096 — 14:49
Vivaldi 7.9 Build 3970.47
Vivaldi 7.9 Build ...harlan4096 — 07:31

[-]
Birthdays
Today's Birthdays
avatar (48)cticigges
avatar (50)ecoFit
avatar (44)soccejeS
Upcoming Birthdays
avatar (45)wapedDow
avatar (49)oapedDow
avatar (42)Sanchowogy
avatar (46)MeighGoask
avatar (47)creatralGuelm
avatar (38)procnipsut
avatar (44)accenwibly
avatar (41)ahyvily
avatar (38)urumahiz
avatar (44)techlignub
avatar (43)Stevenmam
avatar (50)onlinbah
avatar (50)fuspeukChark
avatar (44)werriewWaiNg
avatar (38)Freemanleo
avatar (43)cdoubapKit
avatar (38)lystraPonia
avatar (31)smith8395john
avatar (51)steakelask
avatar (45)Termoplenka
avatar (43)bycoPaist
avatar (49)pieloKat
avatar (43)ilyagNeexy
avatar (51)donitascene
avatar (51)burntLaw
avatar (41)MrDoorsskibheeds
avatar (51)Toligo
avatar (46)Rodneykak
avatar (49)tradeSmode
avatar (39)vemedProkbior
avatar (38)RobertUtelt
avatar (46)JamesZic
avatar (43)Sanfordbup
avatar (38)Der.Reisende
avatar (36)Kiran78

[-]
Online Staff
There are no staff members currently online.

>