Threat Highlights
New Campaign object (“Pacific Rim Network Device Targeting Campaigns”) based on Sophos' recently published, wide-reaching investigation into China-based threat groups using botnets, novel vulnerability exploits, and custom malware to target firewalls and other perimeter devices.
Given the inherent challenges of securing network devices, such as limited telemetry collection and difficult detection tuning, this extensive set of TTPs (45 Technique Relationships) can help identify post-exploitation opportunities for detection or mitigation, enabling layered defenses against sophisticated network device campaigns.
Tidal Tip: You can now review previous CTI updates on our threat content updates page here!
Defense Highlights
Updated Vendors & Products: Elastic Security SIEM and EDR products have been updated to version 8.15.