← threatfilter.dev / all groups / Volatile Cedar

Volatile Cedar

Also known as: Lebanese Cedar

Overview

Volatile Cedar is a Lebanese threat group that has targeted individuals, companies, and institutions worldwide. Volatile Cedar has been operating since 2012 and is motivated by political and ideological interests.

Capabilities

Exploitation of public-facing / client applications — ATT&CK T1190

TTPs — 5 techniques across 4 tactics

Reconnaissance

T1595.002 Vulnerability Scanning
T1595.003 Wordlist Scanning

Initial Access

T1190 Exploit Public-Facing Application

Persistence

T1505.003 Web Shell

Command and Control

T1105 Ingress Tool Transfer

Tools & malware (2)

Caterpillar WebShell · Explosive

Reporting (2)

“Lebanese Cedar” APT Global Lebanese Espionage Campaign Leveraging Web Servers — ClearSky Cyber Security
VOLATILE CEDAR — Threat Intelligence and Research