OilRig uses stolen credentials, social engineering and other techniques to steal sensitive data from government, military, financial services, telecommunications and other critical infrastructure to carry out supply chain attacks. Ashwin Radhakrishnan, general manager of ATT&CK Evaluations at Mitre Engenuity, said more than 50 percent of organizations turn to security service providers to safeguard their networks and data and the ATT&CK Evaluations program sought to study how these companies use threat-informed defense practices in support of their customers.
Read full article on ExecutiveBiz