TTPwire Vol. 1 · MITRE ATT&CK·Tagged

F5 Labs

Recommended Security Controls for 2020

2020-01-15

ATT&CK techniques detected

11 predictions
T1566.002 Spearphishing Link
92%
“stuffing and phishing. many of the breaches in 2017, 2018, and 2019 were tied to attackers taking credentials and abusing email accounts. our breach analysis showed that email is directly attributed as a factor in more than one out of five breach reports. why? email is a primary …”
T1078 Valid Accounts
89%
“’ve talked about strong authentication but there is also a need for strong authorization. this means taking a hard look at the permissions associated with any credential set. basically, once someone is logged in, what can they do? this is where least privilege should be used, so…”
T1078.004 Cloud Accounts
88%
“- safe - - part - 2 - - breach - highlights - for - the - past - 3 - years. html ) like malicious and accidental leaks and unexpected outages ( / content / f5 - labs - v2 / en / labs / articles / threat - intelligence / is - the - cloud - safe - - part - 1 - - models - and - misa…”
T1498 Network Denial of Service
82%
“- iot - - so - easy - to - compromise - - children - are - doing - it. html ). attacks of this scale mean that organizations need to think beyond simplistic blocking techniques and look into more advanced bot blocking strategies ( / content / f5 - labs - v2 / en / labs / articles…”
T1525 Implant Internal Image
67%
“which are increasing in usage. lastly, large platforms and complex applications, especially in the cloud, make extensive use of apis to link up services and third parties. this growth trend means that apis represent a growing attack surface for all the common web attacks, especia…”
T1556.006 Multi-Factor Authentication
64%
“resource tampering parasites ( / content / f5 - labs - v2 / en / labs / articles / threat - intelligence / echobot - malware - now - up - to - 71 - exploits - - targeting - scada. html ). for app clients, we recommend you : use updated antivirus ( av ) software apply critical pat…”
T1557.001 Name Resolution Poisoning and SMB Relay
48%
“the least privilege principle monitor changes to cloud systems, especially comparing against expected configurations log and alert on suspicious access and actions develop and test incident response and recovery capability another major contemporary threat to application infrastr…”
T1498.001 Direct Network Flood
41%
“- iot - - so - easy - to - compromise - - children - are - doing - it. html ). attacks of this scale mean that organizations need to think beyond simplistic blocking techniques and look into more advanced bot blocking strategies ( / content / f5 - labs - v2 / en / labs / articles…”
T1588.006 Vulnerabilities
37%
“recommended security controls for 2020 in 2019, we presented a variety of threat intelligence to help defenders design and bolster their defenses. this included data-driven intelligence on web attacks, api security incidents, ransomware, tls snooping, bot denial-of-service …”
T1499 Endpoint Denial of Service
35%
“- iot - - so - easy - to - compromise - - children - are - doing - it. html ). attacks of this scale mean that organizations need to think beyond simplistic blocking techniques and look into more advanced bot blocking strategies ( / content / f5 - labs - v2 / en / labs / articles…”
T1498 Network Denial of Service
34%
“also take advantage of legacy protocols and semi-trustworthy certificates, so organization should always be aware of what users need and lock down everything else. to ensure conversations and transactions remain private, we recommend : security awareness training, especially re…”

Summary

F5 Labs recommends security controls based on the top 2019 cyber threats. Learn how these recommendations tie into the best practices to prevent data breaches.