Orchestration Has No ATT&CK ID
5 min read
MITRE ATT&CK can tell you an attacker dumped credentials (T1003) and moved laterally over SSH (T1021). It cannot tell you those two steps were chosen, sequenced, and executed by an …
On December 29, 2025, the Internet Society of China (中国互联网协会, ISC — an industry association affiliated with MIIT) published the China Internet Enterprise Comprehensive Strength Index …
When EclecticIQ analyzed a 2023 Cobalt Strike intrusion at Taiwan’s Directorate General of Highways (MOTC), the most useful artifact wasn’t the malware. It was a filesystem …