Exploit
An attacker can scan for vulnerable hosts that can be attacked by an exploit. For example, MS08-67 is an exploit that can be used to create a reverse shell on a remote Windows machine.
Malware/Threat actors
| Name | Type | Years | Source |
|---|---|---|---|
| RedOctober | malware | 2012-2013 | 2013.01.14.Red_October_Campaign
|
| Regin | malware | 2008-2013 | regin-analysis.pdf
Kaspersky_Lab_whitepaper_Regin_platform_eng.pdf ICIT-Brief-Know-Your-Enemies-2.0.pdf stamp.jsp?tp=&arnumber=7460498&tag=1 |
| Operation Cleaver | threat actor | 2012-2013 | Cylance_Operation_Cleaver_Report.pdf
stamp.jsp?tp=&arnumber=7460498&tag=1 |
| Emotet | malware | 2014-2019 | new-banking-malware-uses-network-sniffing-for-data-theft
|
| APT28 | threat actor | 2008-2016 | APT28-Center-of-Storm-2017.pdf
CYBERWAR-fd_2_.pdf JAR_16-20296A_GRIZZLY%20STEPPE-2016-1229.pdf journey-zebrocy-land threat-group-4127-targets-hillary-clinton-presidential-campaign stamp.jsp?tp=&arnumber=7460498&tag=1 |
| Threat Group 3390 | threat actor | 2010-2018 | threat-group-3390-targets-organizations-for-cyberespionage
bronze-union 86083 |
| WannaCry | malware | 2017 | wannacry-malware-profile.html
TA17-132A a-technical-analysis-of-wannacry-ransomware |
Preventions
<Mitigation techniques>
Detections
<Detection techniques>
Toolkit
<Toolkit instructions, if applicable>
Similar techniques
References
[<Source name>](<Source link>)