Happy Wednesday everyone! #DarkPink is at it again and Group-IB wastes no time in exposing their TTPs in Dark Pink. Episode 2! This is a thorough and well-detailed article by Andrey Polovinkin! Enjoy and Happy Hunting!

Link is in the comments!

***As usual, I am going to leave one of the MITRE ATT&CK techniques blank. I would like to see if any of you who see this can help FILL in that blank! If so, leave your thoughts in the comments OR send me a DM!***

Notable TTPs:
TA0001 - Initial Access
T1566.002 - Phishing: Spearphishing Link

TA0002 - Execution
T1059.001 - Command and Scripting Interpreter: PowerShell

TA0003 - Persistence
T1053.005 - Scheduled Task/Job: Scheduled Task

TA0004 - Privilege Escalation
T[There are a couple in this article. Can you name 1?]

#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting