Everything Everywhere All At Once: The 2023 Active Adversary Report for Business Leaders
Tags
cmtmf-attack-pattern: Command And Scripting Interpreter, Exploit Public-Facing Application, Resource Hijacking
country: Angola, Australia, Austria, United Arab Emirates, Bahamas, Bahrain, Belgium, Brazil, Canada, Switzerland, Cuba, Colombia, Netherlands, Germany, Nigeria, Somalia, Finland, France, Hong Kong, India, Italy, Japan, Kenya, Saudi Arabia, Spain, Sweden, Thailand, Mexico, New Zealand, Philippines, Qatar, Singapore, South Africa, Romania, Russia, Ukraine, United Kingdom, United States Of America
attack-pattern: Data Datasets, Command And Scripting Interpreter - T1623, Credentials - T1589.001, Data Encrypted For Impact - T1471, Data Encrypted For Impact - T1486, Exploit Public-Facing Application - T1377, File And Directory Discovery - T1420, Impair Defenses - T1562, Impair Defenses - T1629, Inhibit System Recovery - T1490, Local Groups - T1069.001, Malware - T1587.001, Malware - T1588.001, Multi-Factor Authentication - T1556.006, Powershell - T1059.001, Remote Desktop Protocol - T1021.001, Resource Hijacking - T1496, Rundll32 - T1218.011, Server - T1583.004, Server - T1584.004, Service Execution - T1569.002, System Services - T1569, Web Shell - T1505.003, Tool - T1588.002, Vulnerabilities - T1588.006, Brute Force - T1110, Command-Line Interface - T1059, Create Account - T1136, Exploit Public-Facing Application - T1190, External Remote Services - T1133, File And Directory Discovery - T1083, Indicator Removal On Host - T1070, Modify Registry - T1112, Powershell - T1086, Remote Desktop Protocol - T1076, Rundll32 - T1085, Service Execution - T1035, Valid Accounts - T1078, Web Shell - T1100, Exploit Public-Facing Application, External Remote Services, Valid Accounts
Common Information
Type Value
UUID ea326e49-074d-4da1-bcd8-d0a8b3a26225
Fingerprint a63088d950379e6b
Analysis status DONE
Considered CTI value 2
Text language
Published April 25, 2023, 10 a.m.
Added to db April 25, 2023, 12:14 p.m.
Last updated Nov. 18, 2024, 1:38 a.m.
Headline Everything Everywhere All At Once: The 2023 Active Adversary Report for Business Leaders
Title Everything Everywhere All At Once: The 2023 Active Adversary Report for Business Leaders
Detected Hints/Tags/Attributes 202/3/12
RSS Feed
Id 183
Enabled
Feed title Sophos News
Url https://news.sophos.com/feed/
Added to db 2024-08-30 22:08
Attributes
Type #Events CTI Value
File 2127
cmd.exe
File 256
net.exe
File 1018
rundll32.exe
File 62
whoami.exe
MITRE ATT&CK Techniques 306
T1078
MITRE ATT&CK Techniques 174
T1569.002
MITRE ATT&CK Techniques 695
T1059
MITRE ATT&CK Techniques 585
T1083
MITRE ATT&CK Techniques 235
T1562
MITRE ATT&CK Techniques 247
T1070
MITRE ATT&CK Techniques 550
T1112
MITRE ATT&CK Techniques 86
T1136