[Intel]: https://www.crowdstrike.com/blog/an-analysis-of-lightbasin-telecommunications-attacks #8
Labels
deprecated:template
ignore:tag:T1005
ignore:tag:T1021.002
ignore:tag:T1037
ignore:tag:T1048
ignore:tag:T1057
ignore:tag:T1070.004
ignore:tag:T1071.001
ignore:tag:T1491
ignore:tag:T1546.004
ignore:tag:T1562.004
ignore:tag:T1567
ignore:tag:T1573
ignore:tag:T1590
missing:tag:Non-persistentStorage
missing:tag:RedirectionToNull
Area
Malware reports
Parent threat
Credential Access, Defense Evasion, Discovery, Lateral Movement, Collection, Command and Control, Impact
Finding
https://www.crowdstrike.com/blog/an-analysis-of-lightbasin-telecommunications-attacks
Industry reference
vertical:Telecomms
attack:T1573.001:Symmetric Cryptography
attack:T1590:Gather Victim Network Information
attack:T1562.004:Disable or Modify System Firewall
attack:T1048.001:Exfiltration Over Unencrypted Non-C2 Protocol
attack:T1021.004:SSH
attack:T1037.004:RC Scripts
attack:T1090.001:Internal Proxy
attack:T1090.002:External Proxy
attack:T1110.003:Password Spraying
Malware reference
#134
SLAPSTICK
STEELCORGI
PingPong
TINYSHELL
CordScan
SIGTRANslator
Fast Reverse Proxy
Microsocks Proxy
ProxyChains
Actor reference
LightBasin
UNC1945
Component
Solaris, Linux, Telecomms
Scenario
Internal specialist services
Scenario variation
Enclave deployment