mirror of
https://github.com/DISARMFoundation/DISARMframeworks.git
synced 2024-12-13 18:04:26 -05:00
aca100b364
Framework updates:

- TA08 added text "Used for preparation before broader release, and as message honing."
- TA10 change name from "Go Physical" to "Drive Offline Activity"
- T0004 change name from "Competing Narratives" to "Devise Competing Narratives"
- T0005 convert into a tactic stage, TA13. Change name from "Center of Gravity Analysis" to "Conduct Center of Gravity Analysis"
- T0006 rename from "Create Master Narratives" to "Develop Narrative Concepts". nb narratology: can't create master narratives - can only latch onto them
- T0011 change name from "Hijack legitimate account" to "Compromise legitimate account"
- T0065. Create new technique "use physical broadcast capabilities" under TA04
- T0014. Rename from "Create funding campaigns" to "Prepare fundraising campaigns". Edited text to reflect that this new name allows the possibility of either creating a new one, or revitalizing an existing one.
- T0015 rename from "Create hashtag" to "Create hashtags". Change text to mention hashtag groups.
- T0017 rename from "Promote online funding" to "Conduct Fundraising Campaigns"
- T0018 rename from "Paid targeted ads" to "Purchase advertisements"
- T0026 rename from "Create fake research" to "create pseudoscientific or disingenuous research"

Page and file updates:

- Added MITRE, FIU, and SPICE to DISARM's history
- reran github page generator
- reran sqlite generator
36 lines
956 B
Markdown
# Counter C00182: Redirection / malware detection/ remediation

* **Summary**: Detect redirection or malware, then quarantine or delete. Example: (2015) Trustwave reported that a Bedep Trojan malware kit had begun infecting machines and forcing them to browse certain sites, artificially inflating traffic to a set of pro-Russia

* **Playbooks**:

* **Metatechnique**: M005 - removal

* **Resources needed:**

* **Belongs to tactic stage**: TA09


| Actor types | Sectors |
| ----------- | ------- |
| [A027 information security](../generated_pages/actortypes/A027.md) | S008 |



| Counters these Tactics |
| ---------------------- |



| Counters these Techniques |
| ------------------------- |
| [T0011 Compromise legitimate account](../generated_pages/techniques/T0011.md) |
| [T0054 Twitter bots amplify](../generated_pages/techniques/T0054.md) |



| Seen in incidents |
| ----------------- |


DO NOT EDIT ABOVE THIS LINE - PLEASE ADD NOTES BELOW