For the 2020 MITRE Engenuity evaluations, MITRE chose to evaluate two well-known threat actors: Carbanak and FIN7. While last year’s evaluation, covering APT29, was focused on governmental espionage, this last round was focused on financially-motivated threat actors and it included, for the first time, testing on both Windows and Linux endpoints. Both threat groups are […]
The attack unfolded over 2 days in which the attackers gradually moved deeper into the network after obtaining initial access. The vast majority of operations were carried out using powershell, as opposed to custom tools and malware, in order to maintain a low detection profile. The evaluation goal is to show how tested solutions respond to the attack and what kind of visibility is provided along the entire kill-chain.