APT 29 Initial Access Killchain -MITRE ATT@CK Mapping

Cozy Bear

APT29/Nobelium Initial Access & ATT@CK Mapping

TA0042: Resource Development

• T1650: Aquire Infrastructure
• T1584: Compromised Infrastructure
• T1587: Develop Capabilities
• T1587.001: Develop Capabilities: Malware