|
1 | 1 | # Community Report Template |
| 2 | +- Please copy the template, add your information to the following fields |
| 3 | +> [!NOTE] |
| 4 | +> The level of detail provided is the contributor's choice. The more verifiable information shared, the increased level of reliability and credibility. |
| 5 | +### Contributor Details |
| 6 | +``` |
| 7 | +- Real Name |
| 8 | +- Online Handle / Links to profiles e.g. X/Twitter, BlueSky, or LinkedIn |
| 9 | +- Employer / Affiliations e.g. Trust Groups, ISACs, etc |
| 10 | +``` |
| 11 | +--- |
| 12 | +### Adversary |
| 13 | +``` |
| 14 | +- Named adversary (e.g. Qilin, Akira, etc) |
| 15 | +- Unknown adversary (e.g. no ransomware deployed by highly likely to be a ransomware affiliate or initial access broker) |
| 16 | +``` |
| 17 | +--- |
| 18 | +### Incident Details |
| 19 | +``` |
| 20 | +- Time of Incident (e.g. January 2025) |
| 21 | +- Victim Sector (e.g. Retails, Manufacturing, Legal, Healthcare) |
| 22 | +- Victim Country (e.g. US, UK, Canada, France, Italy) |
| 23 | +- Victim Size (e.g. number of employees is 10-100, 100-1000, 1000-10,000, 10,000+) |
| 24 | +``` |
| 25 | +--- |
| 26 | +### Observed Tools |
| 27 | +| Discovery | RMM Tools | Defense Evasion | Credential Theft | OffSec | Networking | LOLBAS | Exfiltration | |
| 28 | +|---|---|---|---|---|---|---|---| |
| 29 | +| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | |
| 30 | +--- |
| 31 | +#### Any Related Sources |
| 32 | +- e.g. VirusTotal Collections, AnyRun Sandbox Detonations, etc |
2 | 33 |
|
3 | | -TBD |
| 34 | +| Date Published | Report | |
| 35 | +|---|---| |
| 36 | +| DD Month YYYY | https:// | |
0 commit comments