Medium
ATT&CK v19 Release Introduces Major Changes in Defense Evasion Tactics
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
The ATT&CK framework has released version 19, which includes significant updates to its structure and coverage. Notably, the Defense Evasion Tactic has been split into two distinct categories: Stealth and Defense Impairment, allowing for more precise defensive strategies. This version also introduces sub-techniques for the ICS matrix and initial detection strategies for mobile environments. The updates reflect the evolving landscape of cyber threats, including AI-driven espionage and Iranian hacktivism. The release includes a detailed changelog and guidance for transitioning to the new tactics. The framework now encompasses 949 pieces of software, 178 groups, and 59 campaigns, providing a comprehensive overview of current threat actors and their methods. Security professionals are encouraged to review the changes to enhance their defensive postures against emerging threats.
Key Points: • ATT&CK v19 introduces a split in Defense Evasion into Stealth and Defense Impairment. • New sub-techniques for ICS and detection strategies for mobile environments are included. • The release features a detailed changelog and guidance for transitioning to the updated tactics.