I heard about this today on the Cyberwire. The article is titled Microsoft shifts to a new threat actor naming taxonomy.
Microsoft of course runs Defender. I personally don’t recommend defender, but in this field, it is better than running nothing.
They do some great write ups on these actors, so the work is good. Defender claims to be part of the top of the chain, however I’ve seen in situations that it doesn’t pick things up at all and I know it is dangerous.
With that said, if this naming tactic works for everyone, than I’m game too.
Thanks for reading, make it a great day.
Discover more from Jared's Technology podcast network
Subscribe to get the latest posts sent to your email.