Geeks for your information Security Security Vendors EmsiSoft Emsisoft Blog Articles v
New in 2021.10: Introducing MITRE ATT&CK malware behavior patterns
New in 2021.10: Introducing MITRE ATT&CK malware behavior patterns
harlan4096 Online
MalWare Zoo Team
*******
Posts: 14,998
Threads: 9,765
Thanks Received: 9,132 in 7,284 posts
Thanks Given: 9,953
Joined: 12 September 18
#1
Information  05 October 21, 06:15
Quote:
[Image: Blog_202110.png.webp]

New support for MITRE ATT&CK behavior patterns

MITRE ATT&CK is a public knowledge base of adversary tactics and techniques. It allows standardized classification of malware behavior patterns. More information here.

The new Incidents panel in MyEmsisoft now provides information on which behavior patterns are used by alerted threats. While not all MITRE ATT&CK patterns apply to endpoints, many do. With this month’s release, we are adding an initial set of 7 supported malware tactics. Over the next few months, we plan to add support for more than 100 of them to cover the entire spectrum of endpoint security-related threats.

When you open an Incident in your workspace you will see which MITRE ATT&CK tactics were found in the alerted process.

Please note that this feature is only available in Emsisoft Business Security and Emsisoft Enterprise Security plans. Compare editions.

All 2021.10 improvements in a nutshell

Device protection (desktop)
  • As announced earlier, we are ending support for operating systems older than Windows 10 and also end support for non-64-bit systems. From here on, installations on non-supported systems will no longer receive software updates but malware detection updates only.
  • New UI customization feature to disable workspace management controls on devices.
  • Several minor tweaks and fixes.
Management console (web app)
  • New UI customization feature to disable workspace management controls on devices (via protection policies).
  • Several minor tweaks and fixes.
How to obtain the new version

As always, so long as you have auto-updates enabled in the software, you will receive the latest version automatically during your regularly scheduled updates, which are hourly by default.

Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings for your clients, they will receive the new software version no earlier than 30 days after the regular “Stable” availability. This gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically.

Have a great and well-protected day!
...
Continue Reading
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Surfshark Antivirus Video
Surfshark Antivirus_...jasonX — 05:09
K-Lite Codec Pack 19.1.0 / 19.1.1 Update
Changes in 19.1.1 ...harlan4096 — 07:00
Manjaro Linux 25.0.6 Build 250730
Manjaro Linux 25.0...harlan4096 — 06:57
Brave 1.80.125
Release Channel 1....harlan4096 — 06:55
Vivaldi 7.5 Build 3735.58
Vivaldi 7.5 Build ...harlan4096 — 06:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (41)schanumget
avatar (49)apertosibBip
avatar (43)MatthewTop
avatar (47)RussellRuigh
avatar (54)isyqop
avatar (44)AntoineLer
avatar (38)prefenouff
avatar (39)emogig
avatar (47)riafootgtap
avatar (38)fixlnub
avatar (45)greencek
avatar (46)floraJoumn
avatar (41)Isabelle88Nes
avatar (41)ferpuMip
avatar (38)kinotExaro
avatar (50)HerbertPab
avatar (47)Susanskymn
avatar (41)stepaRurry
avatar (37)torieyang
avatar (44)WilsonHep
avatar (43)pironfub
avatar (38)trafgawark
avatar (46)MichaelPlaup
avatar (50)oskasGok
avatar (39)hattiepn1
avatar (39)JasonSoult
avatar (36)hyxamuc
avatar (25)Arshi1

[-]
Online Staff
There are no staff members currently online.

>