Description
[Volatile Cedar](https://attack.mitre.org/groups/G0123) is a Lebanese threat group that has targeted individuals, companies, and institutions worldwide. [Volatile Cedar](https://attack.mitre.org/groups/G0123) has been operating since 2012 and is motivated by political and ideological interests.(Citation: CheckPoint Volatile Cedar March 2015)(Citation: ClearSky Lebanese Cedar Jan 2021)
Techniques Used (TTPs)
- T1595.002 — Vulnerability Scanning (reconnaissance)
- T1595.003 — Wordlist Scanning (reconnaissance)
- T1505.003 — Web Shell (persistence)
- T1105 — Ingress Tool Transfer (command-and-control)
- T1190 — Exploit Public-Facing Application (initial-access)
Total TTPs: 5
Malware & Tools
Malware: Caterpillar WebShell, Explosive