CTI First Principles: Threat Actors and Attribution Question 8

Question

For the question:&nbsp;Which sub-technique has been attributed to this threat actor in the Credential Access Tactic?&nbsp;as the briefing was talking about phishing through attachment, for some reason, the answer Spearphishing Attachment, was not correct. I am wondering about where else I shoud be looking into as the main report mostly taked about email delivery methods in terms of initial access to credentials

samdickison · Answer

Hey kevinh​, how are you getting on with this? Want me to get some support for you?

kevinh · Answer

yes&nbsp;

samdickison · Answer

OK, I just had a deeper look myself, and I think you're focussing on the initial access rather than the credential access technique. Spearfishing gets the threat actor into the environment and then there is another technique to harvest the credentials.

Forum Discussion

CTI First Principles: Threat Actors and Attribution Question 8

3 Replies

Featured Places

Help

Related Content

How to Answer a Question

How to Ask a Question

Systems Manager: Introduction - Question 2

Kate's Story: Ep.2 – Exploitation - Question 9

Threat Hunting Mining Behaviour - Question 1

Recent Discussions

Netcat: Advanced Features last question (9)

Templates do not add systems

Incident Response Introduction to Detection Engineering: Ep.5 – Custom Alerting

Snort Rules Ep.10 Q7

Cross_site Scripting DOM-based XSS vulnerability