Common Information
| Type | Value |
|---|---|
| Value |
Impair Defenses - T1562 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may maliciously modify components of a victim environment in order to hinder or disable defensive mechanisms. This not only involves impairing preventative defenses, such as firewalls and anti-virus, but also detection capabilities that defenders can use to audit activity and identify malicious behavior. This may also span both native defenses as well as supplemental capabilities installed by users and administrators. Adversaries may also impair routine operations that contribute to defensive hygiene, such as blocking users from logging out of a computer or stopping it from being shut down. These restrictions can further enable malicious operations as well as the continued propagation of incidents.(Citation: Emotet shutdown) Adversaries could also target event aggregation and analysis mechanisms, or otherwise disrupt these procedures by altering other system components. |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2021-01-12 | 70 | Operation Spalax: Targeted malware attacks in Colombia | WeLiveSecurity | ||
| Details | Website | 2021-01-05 | 3 | An Overview of the DoppelPaymer Ransomware | ||
| Details | Website | 2020-12-23 | 55 | Between a rock and a hard place - exploring mount locker ransomware | ||
| Details | Website | 2020-12-22 | 66 | Spicy Hot Pot Rootkit: Finding, Hunting, and Eradicating It | ||
| Details | Website | 2020-12-18 | 74 | Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers - Microsoft Security Blog | ||
| Details | Website | 2020-11-18 | 40 | Reversing Ryuk | ||
| Details | Website | 2020-10-27 | 49 | North Korean Advanced Persistent Threat Focus: Kimsuky | CISA | ||
| Details | Website | 2020-10-13 | 80 | Lemon Duck brings cryptocurrency miners back into the spotlight | ||
| Details | Website | 2020-10-12 | 47 | ESET takes part in global operation to disrupt Trickbot | WeLiveSecurity | ||
| Details | Website | 2020-09-02 | 63 | KryptoCibule: The multitasking multicurrency cryptostealer | WeLiveSecurity |