TTP Tuesday: GTsST - Sandworm

Theme Overview For this week's release, we're introducing a new chain theme based on GTsST and specifically Sandworm. In 2021, the ANSSI (Agence nationale de la sécurité des systèmes d'information) published an advisory warning that hackers with links to Sandworm, a group within Russia's GTsST, had breached several French organizations. The agency describes those victims as "mostly" IT firms and particularly web hosting companies. ANSSI states the intrusion campaign dates back to late 2017 and continued until 2020.

Read →