Common Information
Type | Value |
---|---|
Value | User Execution |
Category | Attack-Pattern |
Type | Mitre-Ics-Techniques |
Misp Type | Cluster |
Description | Adversaries may rely on a targeted organization's user interaction for the execution of malicious code. User interaction may consist of installing applications, opening email attachments, or granting higher permissions to documents. Adversaries may embed malicious code or Visual Basic code into files such as Microsoft Word and Excel documents or software installers. Execution of this code requires that the user enable scripting or write access within the document. Embedded code may not always be noticeable to the user, especially in cases of trojanized software. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2023-03-01 | 70 | Multi-Year Spearphishing Campaign Targets the Maritime Industry Likely for Financial Gain | ||
Details | Website | 2023-02-28 | 44 | CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks | CISA | ||
Details | Website | 2023-02-28 | 0 | Hackers Attack Employees from Six Law Firms with the GootLoader and… | ||
Details | Website | 2023-02-28 | 16 | Aligning Falco’s Cloudtrail Rules with MITRE ATT&CK – Sysdig | ||
Details | Website | 2023-02-28 | 56 | Anomali Cyber Watch: Newly-Discovered WinorDLL64 Backdoor Has Code Similarities with Lazarus GhostSecret, Atharvan Backdoor Can Be Restricted to Communicate on Certain Days | ||
Details | Website | 2023-02-27 | 76 | Lumma Stealer targets YouTubers via Spear-phishing Email | ||
Details | Website | 2023-02-24 | 41 | New WhiteSnake Stealer Offered for Sale Via MaaS Model | ||
Details | Website | 2023-02-23 | 27 | Mustang Panda APT Group Uses European Commission-Themed Lure to Deliver PlugX Malware | ||
Details | Website | 2023-02-20 | 31 | Decoding the Inner Workings of DarkCloud Stealer | ||
Details | Website | 2023-02-17 | 4 | ProxyShellMiner Detection: Novel Crypto-Mining Attacks Abusing CVE-2021-34473 and CVE-2021-34523 ProxyShell Vulnerabilities in Windows Exchange Servers - SOC Prime | ||
Details | Website | 2023-02-17 | 49 | The Many Faces of Qakbot Malware: A Look at Its Diverse Distribution Methods | ||
Details | Website | 2023-02-15 | 8 | Uncovering The Dark Side of DarkBit Ransomware | ||
Details | Website | 2023-02-08 | 21 | Earth Zhulong Familiar Patterns Target Southeast Asian Firms | ||
Details | Website | 2023-02-06 | 19 | Massive Ransomware Attack Targets VMware ESXi Servers | ||
Details | Website | 2023-02-02 | 37 | New BATLoader Disseminates RATs and Stealers | ||
Details | Website | 2023-02-01 | 23 | Qakbot's Evolution Continues with New Strategies | ||
Details | Website | 2023-02-01 | 37 | Vector Stealer: A Gateway for RDP Hijacking | ||
Details | Website | 2023-01-31 | 29 | Anomali Cyber Watch: KilllSomeOne Folders Invisible in Windows, Everything APIs Abuse Speeds Up Ransomware, APT38 Experiments with Delivery Vectors and Backdoors | ||
Details | Website | 2023-01-26 | 14 | Quarterly Report: Incident Response Trends in Q4 2022 | ||
Details | Website | 2023-01-26 | 33 | Ransomware Spotlight: Magniber - Security News | ||
Details | Website | 2023-01-25 | 45 | Titan Stealer: The Growing Use of GoLang Among Threat Actors | ||
Details | Website | 2023-01-25 | 41 | The Rise of Amadey Bot: A Growing Concern for Internet Security | ||
Details | Website | 2023-01-24 | 16 | Anomali Cyber Watch: Roaming Mantis Changes DNS on Wi-Fi Routers, Hook Android Banking Trojan Has Device Take-Over Capabilities, Ke3chang Targeted Iran with Updated Turian Backdoor | ||
Details | Website | 2023-01-23 | 63 | Black Basta – Technical Analysis | Kroll | ||
Details | Website | 2023-01-17 | 43 | QakBot Malware Used Unpatched Vulnerability to Bypass Windows OS Security Feature |