T1098 – D E C E I V E R . I O

Deceive, Detect, Engage

Threat Hunting Scenario based on the Cyber Anarchy Squad (C.A.S) Attacks

C.A.S actors gain initial access through the exploitation of public-facing applications, establish persistence, escalate privileges, and utilize various tools and techniques to achieve their objectives, including data exfiltration, encryption, and destruction.

Brute Forcing Hunt 4 Hunt

The threat actor will use brute force and password spraying to target multiple accounts until one is successfully compromised. Once in, the threat actor will attempt to gather credentials and other information about the network to sell.

Tag: T1098

Threat Hunting Scenario based on the Cyber Anarchy Squad (C.A.S) Attacks

Brute Forcing Hunt 4 Hunt

ORION Detlab: Forging Resilient Detections in the HEFAISTOS Ecosystem

The Maieutic Engine: Birth of a New Detection Engineering Paradigm

The Forge, The Guide, and The Hunter: Unifying Detection Engineering with the Mythological Triad of HEFAISTOS, KEDALION, and ORION

Dendrite: Bridging the Synaptic Gap Between External Intelligence and Internal Defense