From a threat intelligence perspective, this post presents the Tactic, Technique and Procedure (TTP), which can be best described as Living Off The Land at Scale (LOTLS).
Tactics, Techniques, and Procedures (TTPs) is a key concept in cybersecurity and threat intelligence. The purpose is to identify patterns of behavior which can be used to defend against specific strategies and threat vectors used by malicious actors.
Phishing threats are not homogeneous in nature. Malicious actors use several different phishing attack topologies to execute their campaigns – each of which require a different approach to detect and mitigate the threat.
WordPress is an easy target and attackers are compromising vulnerable and misconfigured deployments to serve Qakbot and other malware.
zvelo Cybersecurity shares examples of potentially suspicious sites and Tactics, Techniques & Procedures (TTP) MCAs use to exploit COVID-19 related domains.