# APT29 (MITRE ATT\&CK)

{% embed url="<https://youtu.be/3P5QL564a_g?si=tpbl90UkaQQPMxkM>" %}

### 1. APT29 <a href="#id-1" id="id-1"></a>

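APT29 is a hacking group that uses Advanced Persistent Threat (APT) attacks.

The term is a way of classifying major hacking groups behind incidents that caused national-scale losses, such as the March 20, 2013 computer network disruption and EternalBlue.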

### 2. Demo attack scenario <a href="#id-2" id="id-2"></a>

1\) Demonstration of a simulated APT29 attack

2\) Review the APT29 attack logs in PLURA - MITRE ATT\&CK, host detection

### 3. Reference sites <a href="#id-3" id="id-3"></a>

\[1] Advanced Persistent Threat (APT) <https://blog.plura.io/ja/respond/apt_attack_detection/>

\[2] Understanding MITRE ATT\&CK <https://blog.plura.io/ja/column/mitre_attck/>

\[3] MITRE manual [https://docs.plura.io/ja/fn/comm/sdetection/attack/matrix](https://docs.plura.io/ja/function/common/sdetection/attack/matrix)


