For many years, cybercriminals have used social engineering and phishing attacks to trick unsuspected victims into providing their credentials. These credentials have been used to provide cybercriminals with access to a wide range of company resources for a number of well-documented purposes.
REFERENCE: https://blog.group-ib.com/0ktapus
INDUSTRIES: Telecommunications, Financial
TARGETED COUNTRIES: Canada, United States of America
ATT&CK IDS: T1195 - Supply Chain Compromise, T1036 - Masquerading, T1110 - Brute Force, T1566 - Phishing, T1192 - Spearphishing Link
Read More:
Comments