fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software. If you wish to join, contact us for an invite.

#ATT

Someone asked me to compare and contrast ATT&CK and FiGHT matrices...
It's probably wise to consider their respective scopes. ATT&CK describes threats that affect typical enterprise networks whereas FiGHT is dedicated to the equipment that can be found in a typical mobile carrier. This results in a disparity in the relative availability and quality of data from which each is sourced. There is a significant amount of knowledge that exists publicly about enterprises being breached whereas, not only are there fewer organisations in the mobile carrier bracket but there is also less public disclosure when their assets are affected. The result is that whilst ATT&CK demands evidence in the form of public TI, FiGHT necessarily takes a more speculative approach and new threats can be introduced without need for citable examples in the wild.
We tend to start with ATT&CK even when we're mapping SP networks since the reality is that most mobile carriers are also enterprises and most SPs still need to protect their Windows, Linux and Networking assets against known threats (witness the Salt Typhoon reporting etc) even before they worry about the speculative threats in FiGHT. That's not to say we don't consider mobile specific threats but in many cases, ATT&CK does a sufficient job of describing them such that a specialist such as myself can make the link between the generalised case in ATT&CK and what a more specific version of a threat targeting an SP might look like. As an example, the threat models we produced for stc and others are based on ATT&CK but included consideration for threats targeting assets providing/using SS7, GTP, HLR, VLR etc. The fact is that a breach of the packet core of a mobile carrier is likely to stem from things like weak passwords, missing patches or poor configuration etc, threats that ATT&CK is more than capable of describing.
As far as customer adoption, I'd say start with ATT&CK and worry about FiGHT later. If you're building a SOC, you will get high quality signals from things like firewalls/EDR/OS logs etc if you hunt for things in ATT&CK whereas try the same with FiGHT and it may be a time consuming and ultimately unsuccessful endeavour.
#att&ck, #fight, #threatmodelling

[fr] The Autorité de la #concurrence (French competition authority, #antitrust) has fined #Apple 150 M euros for having ... abused its dominant position ...

... the objective pursued by ... #ATT [App Tracking Transparency] is not open to criticism ... implementation methods ... are neither necessary nor proportionate ...

... a proliferation of consent (#consentement) collection windows excessively complicating ...

autoritedelaconcurrence.fr/fr/

Autorité de la concurrence · Targeted advertising: the Autorité de la concurrence imposes a fine of 150,000,000 euros on Apple over the implementation of the App Tracking Transparency ("ATT") framework

"In 2006, a retired AT&T engineer knocked on the door of the EFF's office in a rundown part of San Francisco's Mission district and asked, "Do you folks care about privacy?" With him he carried schematics exposing the largest US government domestic spying operation since Watergate.

That person was Mark Klein, who died on March 8 this year from cancer. He was 79.

After a life working in telecoms, Klein realized he had helped the NSA wire up a listening station in AT&T's San Francisco switching facility - the infamous Room 641A - that was being used to illegally spy on Americans.

The evidence he gathered and shared led to two lawsuits that exposed the extent to which US citizens were being spied on by their own government in the post-9/11 world. Klein faced legal pressure, death threats, and the constant fear of ruin, to get his story out and tell the public what was going on. But Klein regretted nothing."

theregister.com/2025/03/15/rip

The Register · RIP Mark Klein, the engineer who exposed US domestic spying ops after wiring it up · By Iain Thomson