0attributed CVEs
24ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
—years active
About this actor
[Windshift](https://attack.mitre.org/groups/G0112) is a threat group that has been active since at least 2017, targeting specific individuals for surveillance in government departments and critical infrastructure across the Middle East.(Citation: SANS Windshift August 2018)(Citation: objective-see windtail1 dec 2018)(Citation: objective-see windtail2 jan 2019)
Source: MITRE ATT&CK
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | |||||
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
SI-4 | 17 / 24 | 71% |
CM-2 | 16 / 24 | 67% |
CM-6 | 16 / 24 | 67% |
SI-3 | 16 / 24 | 67% |
CA-7 | 14 / 24 | 58% |
AC-4 | 11 / 24 | 46% |
CM-7 | 11 / 24 | 46% |
SC-7 | 11 / 24 | 46% |
SI-2 | 10 / 24 | 42% |
SI-7 | 9 / 24 | 38% |
SC-44 | 7 / 24 | 29% |
SI-8 | 7 / 24 | 29% |
AC-6 | 6 / 24 | 25% |
IA-9 | 6 / 24 | 25% |
AC-2 | 5 / 24 | 21% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- Sidewinder 0.43
- APT37 0.39
- Frankenstein 0.37
- Molerats 0.36
- LazyScripter 0.35