Threat Intel Content Update: 9/18/24

  • September 18, 2024

CosmicBeetle, Mustang Panda, Lynx Ransomware, Monti Ransomware

Threat Objects & Tags

    • CosmicBeetle: An extortion actor active since 2020 that appears to be a new affiliate of the trending RansomHub ransomware operation.

    • Mustang Panda: Several new Technique & Software relationships for this China-based espionage actor, which has targeted a wide range of organization types in the US, Europe, & Asia.

  • Updated Threat Profile: Monthly “Major & Emerging Ransomware” curated Threat Profile update, featuring newly published objects Lynx Ransomware and Monti Ransomware.

Product Highlights

  • New Integration:

    • SentinelOne Singularity XDR - Get Capabilities - The Get Capabilities integration retrieves detection rules and generates new detection capabilities for ATT&CK Technique IDs referenced in each rule's description.

  • Integration Updates:

    • Wiz - Get Capabilities - New enhancements will be released on 9/18: overall stability improvements; future updates will take effect immediately on the next run rather than after the scheduled 1-week cooldown; and the individual Test data from a Report is now housed under the "Availability" column for each capability.
