Sign up to save your podcasts
Or
Share What to Know, How to Prevent: menuPass, with Jose Barajas
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
What to Know, How to Prevent: menuPass, with Jose Barajas
Guest: Jose Barajas, Director of Global Sales Engineering, AttackIQ
In episode 8 of Think Bad, Do Good, Jose Barajas and Jonathan Reiber discuss MITRE Engenuity’s Center for Threat-Informed Defense and AttackIQ’s emulation plan for menuPass. This plan will enable defenders to replicate tactics and techniques used by menuPass, a cyber threat actor that has been active since 2006 and whose goals are aligned with the People’s Republic of China’s Five Year plan. Members of the group have, according to MITRE ATT&CK, worked in association with the Chinese Ministry of State Security’s (MSS).
What has been their impact? menuPass is responsible for global intellectual property theft in at least 12 countries. The group has targeted companies within the healthcare, defense, aerospace, and government sectors, with emphasis since 2014 on Japanese victims. As MITRE ATT&CK describes the group’s behavior, “menuPass leveraged its unauthorized access to these managed service providers’ networks to pivot into subscriber networks and steal information from organizations in banking and finance, telecommunications, healthcare, manufacturing, consulting, biotechnology, automotive, and energy.”
In this podcast, you will see and hear about how AttackIQ incorporates MITRE Engenuity’s Center for Threat-Informed Defense’s emulation plan into the Security Optimization Platform to automate the tactics, techniques and procedures used by menuPass. This allows AttackIQ customers to run the emulation plan against their existing and planned security controls to validate their effectiveness and improve their performance against the group. The Security Optimization Platform then provides detailed gap analysis and remediation reports.
Click here to read the transcript: https://www.attackiq.com/podcasts/what-to-know-how-to-prevent-menupass/#transcript
View all episodes
By Think Bad, Do Good PodcastGuest: Jose Barajas, Director of Global Sales Engineering, AttackIQ
In episode 8 of Think Bad, Do Good, Jose Barajas and Jonathan Reiber discuss MITRE Engenuity’s Center for Threat-Informed Defense and AttackIQ’s emulation plan for menuPass. This plan will enable defenders to replicate tactics and techniques used by menuPass, a cyber threat actor that has been active since 2006 and whose goals are aligned with the People’s Republic of China’s Five Year plan. Members of the group have, according to MITRE ATT&CK, worked in association with the Chinese Ministry of State Security’s (MSS).
What has been their impact? menuPass is responsible for global intellectual property theft in at least 12 countries. The group has targeted companies within the healthcare, defense, aerospace, and government sectors, with emphasis since 2014 on Japanese victims. As MITRE ATT&CK describes the group’s behavior, “menuPass leveraged its unauthorized access to these managed service providers’ networks to pivot into subscriber networks and steal information from organizations in banking and finance, telecommunications, healthcare, manufacturing, consulting, biotechnology, automotive, and energy.”
In this podcast, you will see and hear about how AttackIQ incorporates MITRE Engenuity’s Center for Threat-Informed Defense’s emulation plan into the Security Optimization Platform to automate the tactics, techniques and procedures used by menuPass. This allows AttackIQ customers to run the emulation plan against their existing and planned security controls to validate their effectiveness and improve their performance against the group. The Security Optimization Platform then provides detailed gap analysis and remediation reports.
Click here to read the transcript: https://www.attackiq.com/podcasts/what-to-know-how-to-prevent-menupass/#transcript