
ds_ricoh_ricoh.md


Vendor: Ricoh

Product: Ricoh

| Rules | Models | MITRE TTPs | Event Types | Parsers |
|:-----:|:------:|:----------:|:-----------:|:-------:|
| 22 | 10 | 4 | 1 | 1 |

| Use-Case | Event Types/Parsers | MITRE TTP | Content |
|----------|---------------------|-----------|---------|
| Compromised Credentials | network-alert<br>syslog-ricoh-print-activity | T1027.005 - Obfuscated Files or Information: Indicator Removal from Tools | 19 Rules<br>8 Models |
| Malware | network-alert<br>syslog-ricoh-print-activity | T1204 - User Execution | 2 Rules<br>2 Models |
| Privilege Escalation | network-alert<br>syslog-ricoh-print-activity | T1021.002 - Remote Services: SMB/Windows Admin Shares<br>T1087 - Account Discovery | 1 Rules<br>1 Models |

ATT&CK Matrix for Enterprise

| Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|
| | User Execution | | | Obfuscated Files or Information: Indicator Removal from Tools<br>Obfuscated Files or Information | | Account Discovery | Remote Services<br>Remote Services: SMB/Windows Admin Shares | | | | |