Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
You can look at:
- A collection of public threat intel reports [0]. Lot's of reading though. I did some Splunking on it last year and at least 50% uses phishing for initial access. You could call that a structural vulnerability.
- Exploiting vulnerable public facing stuff is another initial access technique. Here someone collected all the CVEs used by ransomware crews:
- VERIS community database: collection of 8894 security incidents. If you look in the JSON there are some fields describing the vector and the actor.
[0] https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_C...
[1] https://twitter.com/uuallan/status/1437068825636265985
[2] https://github.com/vz-risk/VCDB
You can look at:
- A collection of public threat intel reports [0]. Lot's of reading though. I did some Splunking on it last year and at least 50% uses phishing for initial access. You could call that a structural vulnerability.
- Exploiting vulnerable public facing stuff is another initial access technique. Here someone collected all the CVEs used by ransomware crews:
- VERIS community database: collection of 8894 security incidents. If you look in the JSON there are some fields describing the vector and the actor.
[0] https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_C...
[1] https://twitter.com/uuallan/status/1437068825636265985
[2] https://github.com/vz-risk/VCDB
You can look at:
- A collection of public threat intel reports [0]. Lot's of reading though. I did some Splunking on it last year and at least 50% uses phishing for initial access. You could call that a structural vulnerability.
- Exploiting vulnerable public facing stuff is another initial access technique. Here someone collected all the CVEs used by ransomware crews:
- VERIS community database: collection of 8894 security incidents. If you look in the JSON there are some fields describing the vector and the actor.
[0] https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_C...
[1] https://twitter.com/uuallan/status/1437068825636265985
[2] https://github.com/vz-risk/VCDB