Common Information
Type | Value |
---|---|
Value | Impair Defenses - T1562 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may maliciously modify components of a victim environment in order to hinder or disable defensive mechanisms. This not only involves impairing preventative defenses, such as firewalls and anti-virus, but also detection capabilities that defenders can use to audit activity and identify malicious behavior. This may also span both native defenses as well as supplemental capabilities installed by users and administrators. Adversaries may also impair routine operations that contribute to defensive hygiene, such as blocking users from logging out of a computer or stopping it from being shut down. These restrictions can further enable malicious operations as well as the continued propagation of incidents.(Citation: Emotet shutdown) Adversaries could also target event aggregation and analysis mechanisms, or otherwise disrupt these procedures by altering other system components. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2023-11-19 | 117 | LitterDrifter: a new USB worm used by the Gamaredon group | ||
Details | Website | 2023-11-13 | 78 | Don’t throw a hissy fit; defend against Medusa | ||
Details | Website | 2023-11-06 | 47 | D0nut encrypt me, I have a wife and no backups | ||
Details | Website | 2023-11-01 | 42 | DoNot APT expands its arsenal to spy on victim's VoIP calls | ||
Details | Website | 2023-10-31 | 18 | Step-by-step through the Money Message ransomware | ||
Details | Website | 2023-10-30 | 22 | Scattered Ransomware Attribution Blurs Focus on IR Fundamentals | ||
Details | Website | 2023-10-25 | 94 | A pirated program downloaded from a torrent site infected hundreds of thousands of users | ||
Details | Website | 2023-10-23 | 273 | Red Team Tools | ||
Details | Website | 2023-10-23 | 30 | New Enchant Android Malware Targeting Chinese Cryptocurrency Users | ||
Details | Website | 2023-10-20 | 59 | Akira Stealer : An Undetected Python Based Info-stealer - CYFIRMA | ||
Details | Website | 2023-10-12 | 27 | AvosLocker Ransomware Continues to Target US - CISA Alert AA23-284A | ||
Details | Website | 2023-10-10 | 21 | Malware Trends Report: Q3, 2023 - ANY.RUN's Cybersecurity Blog | ||
Details | Website | 2023-10-06 | 39 | Threat Labs Security Advisory: New STARK#VORTEX Attack Campaign: Threat Actors Use Drone Manual Lures to Deliver MerlinAgent Payloads | ||
Details | Website | 2023-09-24 | 49 | Deadglyph: a new advanced backdoor from Stealth Falcon | ||
Details | Website | 2023-09-20 | 37 | Indian Taxpayers face a Multifaceted Threat with Drinik Malware's Return | ||
Details | Website | 2023-09-15 | 110 | Securonix Threat Labs Security Advisory: Threat Actors Target MSSQL Servers in DB#JAMMER to Deliver FreeWorld Ransomware | ||
Details | Website | 2023-09-15 | 816 | UNC3944: SMS Phishing, SIM Swapping, and Ransomware Attacks | ||
Details | Website | 2023-09-05 | 41 | Dark Web Profile: Medusa Ransomware (MedusaLocker) | ||
Details | Website | 2023-08-25 | 195 | Russia/Ukraine Update - August 2023 | ||
Details | Website | 2023-08-23 | 70 | Malware-as-a-Service: Redline Stealer Variants Demonstrate a Low-Barrier-to-Entry Threat | ||
Details | Website | 2023-08-09 | 56 | AgentTesla Malware Targets Users with Malicious Control Panel File | ||
Details | Website | 2023-07-27 | 50 | Dark Web Profile: 8Base Ransomware | ||
Details | Website | 2023-07-27 | 117 | Healthcare Threat Landscape 2022-2023: Common TTPs Used by Top Ransomware Groups Targeting the Healthcare Sector | ||
Details | Website | 2023-07-26 | 6 | Incident Response trends Q2 2023: Data theft extortion rises, while healthcare is still most-targeted vertical | ||
Details | Website | 2023-07-25 | 6 | APT Profile: Kimsuky - SOCRadar® Cyber Intelligence Inc. |