Going from IOCs to Behaviors: Threat Hunting for the Actor Behind CYBERCOM’s Recent Ukraine Report
Description
CYBERCOM recently released a report with indicators of compromise (IOCs) from compromised Ukrainian networks. While IOCs are a great way to find very specific parts of an attack, we explore how to instead look for potential behaviors related to the provided IOCs when threat hunting.