Rules of Engagement Executive Summary


APPENDIX E – Threat profile



Download 80.83 Kb.
Page6/6
Date10.07.2023
Size80.83 Kb.
#61682
1   2   3   4   5   6
redteam ROE template

APPENDIX E – Threat profile


As part of the Red Team engagement, I♥REDTEAMS, INC will be replicating the TTPs associated with the group known as <>. This threat has been known to exploit and attack the systems and networks servicing the transactional records, customer order database, and XYZ of organizations similar to <>.

<>
Intent:

Characterization



  • Associated with the Russian Federation

  • Active over multiple years

  • Active primarily during Moscow business hours

  • Targeted organization based in the financial sector

  • Goal of gathering intelligence on financial based organizations

Attack and Delivery TTPs



  • Phishing

  • Watering-Hole

  • Compromised web servers

Exploitation TTPs


Post Exploitation TTPs


Persistence TTPs



  • Run key registry modifications

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\”TmProvider”

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\InternetRegistry

Download 80.83 Kb.

Share with your friends:
1   2   3   4   5   6



The database is protected by copyright ©ininet.org 2024
send message
    Main page
united states
total number
vast majority
federal government
other side
next generation
supreme court
information contained
current state
executive director
national association
middle east
east coast
general assembly
private sector
west coast
same time
united kingdom
total amount
united nations
full range
highest level
soviet union
european union
national academy