New #Shuckworm #TTPs as reported by Symantec is the highlight of the #readoftheday. Shuckworm, aka #Gamaredon or #Armageddon, has been targeting Ukraine since 2014.
Link in the comments!
***I am going to leave one of the MITRE ATT&CK blank. I would like to see if any of you that see this can help FILL in that blank! If so, leave your thoughts in the comments OR send me a DM!***
TA0001 - Initial Access
T1566.001 - Phishing: Spearphishing Attachment
TA0002 - Execution
T1059.001 - Command and Scripting Interpreter: PowerShell
TA0003 - Persistence
T1053.005 - Scheduled Task/Job: Scheduled Task
TA0009 - Collection
[Here is your chance to shine! Let the community or me know what you find!]
Shuckworm: Inside Russia’s Relentless Cyber Campaign Against Ukraine
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/shuckworm-russia-ukraine-military