Threat actors known for targeting the construction industry in Brazil.

EXOTIC LILY
Main techniques used
  • Acquire Infrastructure
  • Establish Accounts
  • Exploitation for Client Execution
  • Gather Victim Identity Information
  • Phishing
  • Search Closed Sources
  • Search Open Websites/Domains
  • Search Victim-Owned Websites
  • Stage Capabilities
  • User Execution
  • Web Service
Dragonfly
Main techniques used
  • Account Discovery
  • Account Manipulation
  • Acquire Infrastructure
  • Active Scanning
  • Application Layer Protocol
  • Archive Collected Data
  • Boot or Logon Autostart Execution
  • Brute Force
  • Command and Scripting Interpreter
  • Compromise Infrastructure
  • Create Account
  • Data Staged
  • Data from Local System
  • Drive-by Compromise
  • Email Collection
  • Exploit Public-Facing Application
  • Exploitation for Client Execution
  • Exploitation of Remote Services
  • External Remote Services
  • File and Directory Discovery
  • Forced Authentication
  • Gather Victim Org Information
  • Hide Artifacts
  • Impair Defenses
  • Indicator Removal
  • Ingress Tool Transfer
  • Masquerading
  • Modify Registry
  • Network Share Discovery
  • OS Credential Dumping
  • Obtain Capabilities
  • Permission Groups Discovery
  • Phishing
  • Phishing for Information
  • Query Registry
  • Remote Services
  • Remote System Discovery
  • Scheduled Task/Job
  • Screen Capture
  • Server Software Component
  • Stage Capabilities
  • Supply Chain Compromise
  • System Network Configuration Discovery
  • System Owner/User Discovery
  • Template Injection
  • User Execution
  • Valid Accounts
Deep Panda
Main techniques used
  • Command and Scripting Interpreter
  • Event Triggered Execution
  • Hide Artifacts
  • Obfuscated Files or Information
  • Process Discovery
  • Remote Services
  • Remote System Discovery
  • Server Software Component
  • System Binary Proxy Execution
  • Windows Management Instrumentation
