… New Technology APCs 1. Background 2. Procedures Assigned to New Technology APC Groups for CY 2024 a. Administration of Subretinal Therapies Requiring Vitrectomy (APC 1563) b. Bronchoscopy with Transbronchial Ablation of Lesion(s) by Microwave Energy (APC 1562) c. Cardiac Positro…
…rs including providers, issuers, researchers, and consumer and patient advocacy groups. Attendees noted that currently available pricing tools are underutilized, in part because consumers are often unaware that they exist, [46] and even when used, the tools sometimes convey inc…
…114) and Microsoft Word via crafted TIFF images (CVE-2013-3906). [65] [66] [67] G0121 Sidewinder Sidewinder has exploited vulnerabilities to gain execution including CVE-2017-11882 and CVE-2020-0674. [68] [69] S0374 SpeakUp SpeakUp attempts to exploit the following vulnerabilitie…
…rkstations or McAfee's Outlook Scan About Box to load malicious DLL files. [41] G0121 Sidewinder Sidewinder has used DLL side-loading to drop and execute malicious payloads including the hijacking of the legitimate Windows application file rekeywiz.exe. [42] S0098 T9000 During th…
…December 19). Operation Wocao: Shining a light on one of China’s hidden hacking groups. Retrieved October 8, 2020. Unit 42. (2022, February 25). Spear Phishing Attacks Target Organizations in Ukraine, Payloads Include the Document Stealer OutSteel and the Downloader SaintBot. Ret…
…eat Research. (2019, October 7). China-Based APT Mustang Panda Targets Minority Groups, Public and Private Sector Organizations. Retrieved April 12, 2021. Insikt Group. (2020, July 28). CHINESE STATE-SPONSORED GROUP ‘REDDELTA’ TARGETS THE VATICAN AND CATHOLIC ORGANIZATIONS. Retri…
…ARPSTATS SHARPSTATS has the ability to employ a custom PowerShell script. [147] G0121 Sidewinder Sidewinder has used PowerShell to drop and execute malware loaders. [167] G0091 Silence Silence has used PowerShell to download and execute payloads. [168] [169] S0649 SMOKEDHAM SMOKE…
…deCopy has sent spearphishing emails with malicious hta file attachments. [223] G0121 Sidewinder Sidewinder has sent e-mails with malicious attachments often crafted for specific targets. [224] G0091 Silence Silence has sent emails with malicious DOCX, CHM, LNK and ZIP attachment…
…ARPSTATS SHARPSTATS has the ability to employ a custom PowerShell script. [211] G0121 Sidewinder Sidewinder has used PowerShell to drop and execute malware loaders. [237] G0091 Silence Silence has used PowerShell to download and execute payloads. [238] [239] S0692 SILENTTRINITY S…
…ark Shark can use encrypted and encoded files for C2 configuration. [135] [194] G0121 Sidewinder Sidewinder has used base64 encoding and ECDH-P256 encryption for payloads. [195] [196] [197] S0468 Skidmap Skidmap has encrypted its main payload using 3DES. [198] S0633 Sliver Slive…
…deTwist has the ability to collect the domain name on a compromised host. [169] G0121 Sidewinder Sidewinder has used malware to collect information on network interfaces, including the MAC address. [170] S0633 Sliver Sliver has the ability to gather network configuration informat…
…IPSHAPE achieves persistence by creating a shortcut in the Startup folder. [35] G0121 Sidewinder Sidewinder has added paths to executables in the Registry to establish persistence. [211] [212] [213] G0091 Silence Silence has used HKCU\Software\Microsoft\Windows\CurrentVersion\Run…
…andworm Team has crafted phishing emails containing malicious hyperlinks. [110] G0121 Sidewinder Sidewinder has sent e-mails with malicious links often crafted for specific targets. [111] [112] S1086 Snip3 Snip3 has been delivered to victims through e-mail links to malicious file…
…December 19). Operation Wocao: Shining a light on one of China’s hidden hacking groups. Retrieved October 8, 2020. Lunghi, D., et al. (2017, December). Untangling the Patchwork Cyberespionage Group. Retrieved July 10, 2018. Trend Micro Research. (2023, July 21). Ransomware Spotli…
…eat Research. (2019, October 7). China-Based APT Mustang Panda Targets Minority Groups, Public and Private Sector Organizations. Retrieved April 12, 2021. Victor, K. (2020, May 18). Netwalker Fileless Ransomware Injected via Reflective Loading. Retrieved May 26, 2020. Szappanos…