Changes

==Types==

==Types==

Threat actors can be cybercriminals, insiders, and/or nation-states.

Threat actors can be cybercriminals, insiders, and/or nation-states.

===State-Sponsored==

===State-Sponsored===

Historically, state-sponsored advanced persistent threat (APT) actors have used [[Phishing|spearphishing]], brute force, and exploiting known vulnerabilities against accounts and networks with weak security.

Historically, state-sponsored advanced persistent threat (APT) actors have used [[Phishing|spearphishing]], brute force, and exploiting known vulnerabilities against accounts and networks with weak security.

==Russian==

==Russian==

* Russian-sponsored cyberattacks have been able to gain access via vulnerabilities in FortiGate VPNs, Cisco routers, Oracle WebLogic Servers, Kibana software, Zimbra software, Exim Simple Mail Transfer Protocol, Pulse Secure, Citrix, Microsoft Exchange, VMWare, and F5 Big-IP

* Russian-sponsored cyberattacks have been able to gain access via vulnerabilities in FortiGate VPNs, Cisco routers, Oracle WebLogic Servers, Kibana software, Zimbra software, Exim Simple Mail Transfer Protocol, Pulse Secure, Citrix, Microsoft Exchange, VMWare, and F5 Big-IP