What is a threat model? Threat modelling, as defined by OWASP, “works to identify, communicate, and understand threats and mitigations within the context of protecting something of value”. It is a way of structuring thinking around what critical assets an organization has and which are the likely threats to that organization. There are many different ways […]
A recent indictment revealed how the GRU (Russia’s Military Intelligence agency) used both influence operations and network intrusions to achieve its policy aims. More precisely, the GRU weaponized the use of the network intrusions in its influence operations. The indictment goes into detail about the TTPs (Tactics, Techniques and Procedures) used by the attackers and […]