T1583.001 – D E C E I V E R . I O

Deceive, Detect, Engage

Campaign against Russian Opposition

The attacker may use phishing emails with malicious attachments to deliver and execute a malicious tool, such as a reverse shell, on the victim’s machine. The tool will likely use web protocols to communicate with the attacker’s C2 server.

Sea Turtle

The attacker is actively scanning the internet for vulnerable hosts, and then compromising those hosts for future malicious activity.

Tag: T1583.001

Campaign against Russian Opposition

Sea Turtle

ORION Detlab: Forging Resilient Detections in the HEFAISTOS Ecosystem

The Maieutic Engine: Birth of a New Detection Engineering Paradigm

The Forge, The Guide, and The Hunter: Unifying Detection Engineering with the Mythological Triad of HEFAISTOS, KEDALION, and ORION

Dendrite: Bridging the Synaptic Gap Between External Intelligence and Internal Defense