SOC Incident Toolkit
Back to Campaigns
Operation Olalampo: MuddyWater Escalates Cyber-Espionage Across the MENA Region with Multi-Stage Malware Arsenal

Operation Olalampo: MuddyWater Escalates Cyber-Espionage Across the MENA Region with Multi-Stage Malware Arsenal

APTEspionageExfiltration

This campaign involves sophisticated spear-phishing attacks. Adversaries aim to establish persistent access and exfiltrate sensitive data. It primarily targets government and defense sectors.

Indicators of Compromise

Domains (4)

codefusiontech.orgpromoverse.orgminiquest.orgjerusalemsolutions.com

Hashes (61)

9b4cd87d338d2fcf30d75f9e5c7abb8be085dc8c4f573df19597b872d8ae8c2d0f839cafa6565f74303e5e5f414f9d8c64af4e6216026ed8fcfbf8b07ee20707270dbaedfbeef9333e0780f3c4e74c01392ce381f5ef5f40922113c2dfb32c202ae2b3f5392a36717fa948f7e00d35711e8598108fbe2f727d3757d5165e2e95b0b89e33316025a4b9301e2df5a129ba4141361ca266950dc4adcb2c548aa949ef22f16d56334c01032bba80144e98a5dfb2eb87ce839411ea82d1e3ee4d0cefc91413ad7c94c0e2694862b9d671d1204873bf65576ba2cb91fbd562a4ccf79b81a6e6416eb7ab6ce6367c6102c031e2ae2730c3c50ab9ce0b8668fec34878487bd04218276fc8f375c0ce3be43a710f6a2b4d090365daf83e37d2c6daaae6c28b4c8343288ef2f9e25892603c42e34bd7ba0d8ea73be600d898cadc290e3417a82c04d6281b743bf96e2225af8dbf7555f3f4669d685d413441306816018d08dd03a97ac306fac0200e91523c47eab6ebe5b48097c0099ff18f2a8bc13c12f7bb3587d3da3fbe4ab8c36721d94353279ca11fcbd75420bd7a578e8bf6ef855e7bd0fb8e8632b62fa14fd679fa97cfe50e6c25696b846129+41 more

IPv4 (4)

209.74.87.67162.0.230.185143.198.5.41209.74.87.100

APT Groups

MuddyWater

IR

Notes

<span id="docs-internal-guid-74b1dd1e-7fff-314f-c1db-c4b0838a14b1"><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">CONCLUSION</span></p><p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">The ShadowStrike campaign represents a significant threat due to its advanced techniques and high-value targets. Organizations must implement robust security measures and continuous monitoring. Proactive threat intelligence sharing is crucial for defense.</span></p><div><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;"><br></span></div></span>

Mitigation

<span id="docs-internal-guid-ca91ff9b-7fff-d02d-f253-aeb0fd472f32"><h3 style="line-height:1.38;margin-top:0pt;margin-bottom:6pt;"><span style="font-size: 13pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">MITIGATION</span></h3><div style="margin-left:0pt;" align="left"><table style="border:none;border-collapse:collapse;"><colgroup><col><col><col></colgroup><tbody><tr style="height:26.25pt;"><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">ID</span></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Mitigation</span></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Description</span></p></td></tr><tr style="height:54pt;"><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><a href="https://attack.mitre.org/mitigations/M1026/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(11, 87, 208); font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; text-decoration-line: underline; vertical-align: baseline;">M1026</span></a></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Privileged Account Management</span></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Manage the creation, modification, use, and permissions associated to privileged accounts.</span></p></td></tr><tr style="height:40.5pt;"><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><a href="https://attack.mitre.org/mitigations/M1027/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(11, 87, 208); font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; text-decoration-line: underline; vertical-align: baseline;">M1027</span></a></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Password Policies</span></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Set and enforce secure password policies for accounts.</span></p></td></tr><tr style="height:54pt;"><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><a href="https://attack.mitre.org/mitigations/M1028/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(11, 87, 208); font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; text-decoration-line: underline; vertical-align: baseline;">M1028</span></a></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Operating System Configuration</span></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Make configuration changes to operating systems to prevent adversary abuse of built-in tools.</span></p></td></tr><tr style="height:54pt;"><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><a href="https://attack.mitre.org/mitigations/M1031/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(11, 87, 208); font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; text-decoration-line: underline; vertical-align: baseline;">M1031</span></a></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Network Intrusion Prevention</span></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Use network intrusion prevention systems to mitigate network-based attacks and block malicious traffic.</span></p></td></tr><tr style="height:54pt;"><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><a href="https://attack.mitre.org/mitigations/M1038/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(11, 87, 208); font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; text-decoration-line: underline; vertical-align: baseline;">M1038</span></a></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Execution Prevention</span></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Block execution of code on a system through application control, execution prevention features, and/or script blocking.</span></p></td></tr><tr style="height:54pt;"><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><a href="https://attack.mitre.org/mitigations/M1040/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(11, 87, 208); font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; text-decoration-line: underline; vertical-align: baseline;">M1040</span></a></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Behavior Prevention on Endpoint</span></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Use capabilities to prevent suspicious behavior patterns from occurring on endpoint systems.</span></p></td></tr><tr style="height:54pt;"><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><a href="https://attack.mitre.org/mitigations/M1042/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(11, 87, 208); font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; text-decoration-line: underline; vertical-align: baseline;">M1042</span></a></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Disable or Remove Feature or Program</span></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Remove or deny access to unnecessary and potentially vulnerable software to prevent abuse by adversaries.</span></p></td></tr><tr style="height:68.25pt;"><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><a href="https://attack.mitre.org/mitigations/M1056/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(11, 87, 208); font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; text-decoration-line: underline; vertical-align: baseline;">M1056</span></a></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Pre-compromise</span></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">This technique cannot be easily mitigated with preventive controls since it is based on behaviors performed outside of the scope of enterprise defenses and controls.</span></p></td></tr><tr style="height:54pt;"><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><a href="https://attack.mitre.org/mitigations/M1022/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(11, 87, 208); font-weight: 700; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; text-decoration-line: underline; vertical-align: baseline;">M1022</span></a></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Restrict Web-Based Content</span></p></td><td style="border-left:solid #1f1f1f 0.416667pt;border-right:solid #1f1f1f 0.416667pt;border-bottom:solid #1f1f1f 0.416667pt;border-top:solid #1f1f1f 0.416667pt;vertical-align:top;background-color:#efefef;padding:6pt 9pt 6pt 9pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.38;margin-top:0pt;margin-bottom:24pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(31, 31, 31); font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline;">Restrict use of certain websites, block downloads/attachments, block Javascript, restrict browser extensions.</span></p></td></tr></tbody></table></div></span>