Monday, 9 November 2020

Common Cyber Attacks

This page is not meant to capture all the details of all cyber attacks; it's merely a reference for me for future use. It allows me to quickly see the most common exploits and understand how each attack spread, which helps inform how to mitigate those attacks.

A useful site to be aware of is https://www.nomoreransom.org/en/index.html, run by Europol. It details decryption methods for some ransomware.

| Name | Type | Action | Entry Point | MITRE | Exploit Tools | Spread | IOC |
| --- | --- | --- | --- | --- | --- | --- | --- |
| Pay2Key | Ransomware | Encrypt networks | RDP | T1133 - External Remote Services | PsExec | Once inside a victim's network, the attackers will set up a pivot device that will be used as a proxy for all outgoing communications between the ransomware-infected computers and Pay2Key's command-and-control (C2) servers. | Presence of Cobalt.Client.exe to encrypt |

