Attack Pattern: Archive Collected Data - T1560
Attack Pattern: Archive via Utility - T1560.001
Attack Pattern: Automated Collection - T1119
Attack Pattern: Brute Force - T1110
Attack Pattern: Business Relationships - T1591.002
Attack Pattern: Clear Windows Event Logs - T1070.001
Attack Pattern: Cloud Accounts - T1586.003
Attack Pattern: Content Injection - T1659
Attack Pattern: DLL Search Order Hijacking - T1574.001
Attack Pattern: Domain Account - T1087.002
Attack Pattern: Email Accounts - T1586.002
Attack Pattern: Email Addresses - T1589.002
Attack Pattern: Email Collection - T1114
Attack Pattern: Execution Guardrails - T1627
Attack Pattern: Exfiltration Over Alternative Protocol - T1048
Attack Pattern: Exploit Public-Facing Application - T1190
Attack Pattern: External Proxy - T1090.002
Attack Pattern: External Remote Services - T1133
Attack Pattern: Forced Authentication - T1187
Attack Pattern: Gather Victim Host Information - T1592
Attack Pattern: Gather Victim Org Information - T1591
Attack Pattern: Geofencing - T1627.001
Attack Pattern: Group Policy Preferences - T1552.006
Attack Pattern: Hide Infrastructure - T1665
Attack Pattern: Identify Roles - T1591.004
Attack Pattern: Malicious File - T1204.002
Attack Pattern: Malicious Link - T1204.001
Attack Pattern: Multi-Factor Authentication - T1556.006
Attack Pattern: Multi-Stage Channels - T1104
Attack Pattern: NTDS - T1003.003
Attack Pattern: Password Guessing - T1110.001
Attack Pattern: Password Spraying - T1110.003
Attack Pattern: Phishing - T1566
Attack Pattern: PowerShell - T1059.001
Attack Pattern: PowerShell - T1086
Attack Pattern: Python - T1059.006
Attack Pattern: Registry Run Keys / Startup Folder - T1547.001
Attack Pattern: Remote Desktop Protocol - T1021.001
Attack Pattern: Remote Email Collection - T1114.002
Attack Pattern: Scheduled Task - T1053.005
Attack Pattern: Scheduled Transfer - T1029
Attack Pattern: Shortcut Modification - T1547.009
Attack Pattern: Spearphishing Attachment - T1566.001
Attack Pattern: Spearphishing Link - T1566.002
Attack Pattern: Spearphishing Voice - T1566.004
Attack Pattern: Video Capture - T1125
Attack Pattern: Visual Basic - T1059.005
Attack Pattern: Windows Command Shell - T1059.003
Identity: Defense
Identity: Transportation
Location: Turkey
Malware: Ghost
Malware: Headlace
Malware: IMPACKET
Malware: Masepie
Malware: Oceanmap
Malware: Play ransomware
Malware: Playcrypt
Malware: PsExec
Malware: Sality
Malware: Steelhook
Threat Actor: APT28
Tool: Impacket - S0357
Tool: PsExec - S0029
Vulnerability: CVE-2023-38831
Vulnerability: [41416] Roundcube Multiple Vulnerabilities Fixed by 1.2.10, 1.3.11 and 1.4.4
Vulnerability: [44547] Roundcube Webmail Cross-Site Scripting Vulnerability Fixed by 1.2.13, 1.3.16, 1.4.10
Vulnerability: [48676] Roundcube Webmail Multiple Vulnerabilities Fixed by 1.3.17 and 1.4.12
Vulnerability: [55220] Microsoft Outlook NTLMv2 Hash Disclosure Vulnerability Fixed by March 2023 Patch Day
Vulnerability: [57671] WinRAR - Multiple Vulnerabilities Fixed by 6.23