College Course
September 15, 2025
[Catchy Title Here]
Example: “How APT28 Targeted the US Elections — A MITRE ATT&CK Perspective”
Why This Matters
Brief hook (2–3 sentences):
- What happened
- Why it was significant (e.g., critical infrastructure, supply chain, elections)
The Actor
- Group Name / Aliases:
- MITRE ATT&CK Page: Link to MITRE Group or Software Page
- Motivation: (espionage, financial gain, disruption)
MITRE ATT&CK Highlights
| Stage | Technique | ATT&CK ID | Why It Matters |
|-------|-----------|-----------|----------------|
| Initial Access | Technique Name | Txxxx | Short note on its role |
| Execution | Technique Name | Txxxx | Short note |
| Credential Access | Technique Name | Txxxx | Short note |
| Persistence | Technique Name | Txxxx | Short note |
| Impact | Technique Name | Txxxx | Short note |
(3–5 techniques is enough — no need to be exhaustive)
Timeline / Key Events
- Date 1: What happened
- Date 2: Detection / disclosure
- Date 3: Resolution (e.g., ransom paid, service restored)
Attack Summary
Short paragraph describing:
- How they got in (phishing, stolen credentials, supply chain)
- What they did (lateral movement, exfiltration, ransomware)
- The overall impact on the victim organization
Lessons Learned
- Lesson 1: Brief point
- Lesson 2: Brief point
- Lesson 3: Brief point
Closing Thoughts
A 1–2 sentence conclusion with a key insight or takeaway.
Example: “This incident shows how effective phishing and credential theft remain, highlighting the need for MFA and monitoring.”
References
- MITRE ATT&CK Group/Software Page
- Link to a government advisory (CISA/FBI)
- Link to one reputable news article or analysis