- 0 attributed CVEs
- 47 ATT&CK techniques
- 0.0 IDF score (tooling uniqueness)
- 0 exclusive CVEs
- — years active
About this actor
[Storm-1811](https://attack.mitre.org/groups/G1046) is a financially-motivated entity linked to [Black Basta](https://attack.mitre.org/software/S1070) ransomware deployment. [Storm-1811](https://attack.mitre.org/groups/G1046) is notable for unique phishing and social engineering mechanisms for initial access, such as overloading victim email inboxes with non-malicious spam to prompt a fake "help desk" interaction leading to the deployment of adversary tools and capabilities.(Citation: Microsoft Storm-1811 2024)(Citation: rapid7-email-bombing)(Citation: RedCanary Storm-1811 2024)(Citation: RedCanary June Insights 2024)
Source: MITRE ATT&CK
Activity timeline
No activity events recorded.
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
| No attributed CVEs. | | | | | |

T1021, T1021.002, T1021.004, T1027, T1027.013, T1033, T1036, T1036.005, T1036.010, T1048, T1048.002, T1056, T1059, T1059.001, T1059.003, T1074, T1074.001, T1087, T1087.002, T1105, T1140, T1204, T1204.002, T1219, T1219.002, T1222, T1222.001, T1482, T1486, T1547, T1547.001, T1566, T1566.002, T1566.003, T1566.004, T1570, T1574, T1574.001, T1583, T1583.001, T1585, T1585.003, T1588, T1588.002, T1667, T1684, T1684.001
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
| SI-4 | 27 / 47 | 57% |
| CM-6 | 26 / 47 | 55% |
| CM-2 | 22 / 47 | 47% |
| SI-3 | 20 / 47 | 43% |
| AC-3 | 18 / 47 | 38% |
| CM-7 | 18 / 47 | 38% |
| CA-7 | 17 / 47 | 36% |
| AC-2 | 16 / 47 | 34% |
| AC-6 | 15 / 47 | 32% |
| SI-10 | 14 / 47 | 30% |
| SI-7 | 14 / 47 | 30% |
| AC-4 | 13 / 47 | 28% |
| SC-7 | 12 / 47 | 26% |
| IA-2 | 9 / 47 | 19% |
| AC-5 | 8 / 47 | 17% |
Co-occurring actors
None.
Similar actors
Similar TTPs
- WIRTE 0.33
- menuPass 0.29
- MirrorFace 0.27
- MuddyWater 0.26
- Sidewinder 0.25