Posts

Showing posts from March, 2022

One Way Or Another: Initial Access Vectors

Artwork by @laelcillustrate

The aim of this blog is to highlight initial access techniques that you've potentially not heard of before. You're unlikely to find these in the MITRE ATT&CK framework, and they are pretty unlikely to happen day-to-day, but they are perfectly valid for persistent attackers. How to implement detection for these techniques also depends on your threat model and who is trying to target you or your organisation. Traditional initial access techniques for common threats such as ransomware operators or Advanced Persistent Threat (APT) groups include phishing for credentials, malicious spam containing malware, obtaining RDP credentials via brute force or purchasing them from underground markets, and exploiting a vulnerability in a public-facing system. The techniques discussed in this blog, however, require a bit more determination, opportunism, and lateral thinking. >> I've added some "Bushido comments" offering my own opini