Common Information
Type | Value |
---|---|
Value | Ingress Tool Transfer - T1544 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may transfer tools or other files from an external system onto a compromised device to facilitate follow-on actions. Files may be copied from an external adversary-controlled system through the command and control channel or through alternate protocols with another tool such as FTP. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2023-07-27 | 117 | Healthcare Threat Landscape 2022-2023: Common TTPs Used by Top Ransomware Groups Targeting the Healthcare Sector | ||
Details | Website | 2023-07-25 | 8 | Malware Family KQL Queries — Week of 2023–07–24 | ||
Details | Website | 2023-07-25 | 6 | APT Profile: Kimsuky - SOCRadar® Cyber Intelligence Inc. | ||
Details | Website | 2023-07-20 | 33 | Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells | CISA | ||
Details | Website | 2023-07-19 | 8 | CAPIBAR and KAZUAR Malware Detection: Turla aka UAC-0024 or UAC-0003 Launches Targeted Cyber-Espionage Campaigns Against Ukraine - SOC Prime | ||
Details | Website | 2023-07-14 | 17 | PyLoose: A new fileless malware targeting cloud workloads | ||
Details | Website | 2023-07-13 | 43 | Threat Actor Profile: BianLian, The Shape-Shifting Ransomware Group | ||
Details | Website | 2023-07-12 | 103 | CustomerLoader: a new malware distributing a wide variety of payloads | ||
Details | Website | 2023-07-11 | 7 | Clop: Behind MOVEit Lies a Loud, Adaptable and Persistent Threat Group | ||
Details | Website | 2023-07-10 | 14 | Clop At The Top – But For How Long? | ||
Details | Website | 2023-06-29 | 98 | PhonyC2: Revealing a New Malicious Command & Control Framework by MuddyWater | Deep Instinct | ||
Details | Website | 2023-06-23 | 100 | Securonix Threat Labs Security Advisory: New MULTI#STORM Attack Campaign Involving Python-based Loader Masquerading as OneDrive Utilities Dropping Multiple RAT Payloads Using Security Analytics | ||
Details | Website | 2023-06-22 | 42 | Gh0stBins Chinese RAT Malware Analysis | ||
Details | Website | 2023-06-19 | 25 | How Lazarus Group Abuses IIS Servers to Spread Malware? | ||
Details | Website | 2023-06-07 | 176 | #StopRansomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability | CISA | ||
Details | Website | 2023-06-06 | 18 | UAC-0099 Activity Detection: Hackers Conduct Cyber-Espionage Operations Against Ukrainian State Bodies and Media Organizations - SOC Prime | ||
Details | Website | 2023-06-06 | 27 | Anomali Cyber Watch: LEMURLOOT on Exploited MOVEit Transfers, Zero-Click iOS Exploit Targeted Kaspersky, Qakbot Turns Bots into Proxies | ||
Details | Website | 2023-06-01 | 34 | SharpPanda APT Campaign Expands its Arsenal Targeting G20 Nations | ||
Details | Website | 2023-05-23 | 23 | New MDBotnet Unleashes DDoS Attacks | ||
Details | Website | 2023-05-22 | 141 | IcedID Macro Ends in Nokoyawa Ransomware - The DFIR Report | ||
Details | Website | 2023-05-16 | 77 | #StopRansomware: BianLian Ransomware Group | CISA | ||
Details | Website | 2023-05-12 | 138 | Securonix Threat Labs Security Advisory: Latest Update: Ongoing MEME#4CHAN Attack/Phishing Campaign uses Meme-Filled Code to Drop XWorm Payloads | ||
Details | Website | 2023-05-09 | 67 | Akira Ransomware is “bringin’ 1988 back” | ||
Details | Website | 2023-05-02 | 54 | Polish Healthcare Industry Targeted by Vidar Infostealer Likely Linked to Djvu Ransomware | ||
Details | Website | 2023-05-01 | 47 | SeroXen RAT for sale |