Alternative names (2)
TTPsInclude • usedTTPsRandom triples
| Subject | Object |
|---|---|
| gptkb:APT41 | remote desktop protocol abuse |
| gptkb:Conti_ransomware_campaigns | remote access tools |
| gptkb:APT20 | use of stolen credentials |
| gptkb:APT41 | watering hole attacks |
| gptkb:APT41 | use of zero-day exploits |
| gptkb:APT41 | custom malware development |
| gptkb:APT41 | spear phishing |
| gptkb:Conti_ransomware_campaigns | use of stolen credentials |
| gptkb:APT12 | watering hole attacks |
| gptkb:Winnti | supply chain attacks |
| gptkb:APT60 | spear phishing |
| gptkb:Conti_ransomware_campaigns | use of affiliate model |
| gptkb:Turla_Group | use of encrypted communications |
| gptkb:APT41 | use of compromised credentials |
| gptkb:Conti_ransomware_campaigns | gptkb:Windows_Defender_exclusion_abuse |
| gptkb:Winnti | watering hole attacks |
| gptkb:Conti_ransomware_campaigns | use of cryptocurrency wallets |
| gptkb:APT41 | supply chain compromise |
| gptkb:Winnti | lateral movement |
| gptkb:Conti_ransomware_campaigns | use of custom ransomware builder |