Alternative names (2)
TTPsInclude • usedTTPsRandom triples
| Subject | Object |
|---|---|
| gptkb:Stone_Panda | use of compromised MSPs to access client networks |
| gptkb:APT41 | watering hole attacks |
| gptkb:Conti_ransomware_campaigns | use of stolen credentials |
| gptkb:Conti_ransomware_campaigns | network reconnaissance |
| gptkb:Stone_Panda | custom malware development |
| gptkb:Turla_Group | use of legitimate software for persistence |
| gptkb:Conti_ransomware_campaigns | gptkb:Windows_Defender_exclusion_abuse |
| gptkb:Conti_ransomware_campaigns | RDP brute force |
| gptkb:Winnti | supply chain attacks |
| gptkb:Stone_Panda | use of legitimate credentials |
| gptkb:MuddyWater_group | use of legitimate tools for lateral movement |
| gptkb:Conti_ransomware_campaigns | Active Directory compromise |
| gptkb:APT60 | custom malware |
| gptkb:Zebrocy | multi-stage infection chains |
| gptkb:APT20 | use of stolen credentials |
| gptkb:Winnti | watering hole attacks |
| gptkb:APT12 | watering hole attacks |
| gptkb:APT41 | use of open-source tools |
| gptkb:Stone_Panda | living off the land |
| gptkb:APT41 | use of Cobalt Strike beacons |