UAT-4356
Unknown Dormant
- Mentions
- 1
- First seen
- 23 Apr 2026
- Last seen
- 23 Apr 2026
Origin
Unattributed
Profile
UAT-4356 is a threat actor recently observed targeting Cisco Firepower devices. Limited information is currently available about the actor's exact methods and objectives. Further research is needed to complete the profile.
Affected vendors
Cisco
How they operate (MITRE tactics)
Initial Access
Recommended mitigations
Derived from MITRE ATT&CK, mapped to this actor's techniques.
- M1016 Vulnerability Scanning
- M1018 User Account Management
- M1021 Restrict Web-Based Content
- M1026 Privileged Account Management
- M1030 Network Segmentation
- M1031 Network Intrusion Prevention
- M1032 Multi-factor Authentication
- M1035 Limit Access to Resource Over Network
- M1037 Filter Network Traffic
- M1042 Disable or Remove Feature or Program
- M1046 Boot Integrity
- M1047 Audit
- M1048 Application Isolation and Sandboxing
- M1050 Exploit Protection
- M1051 Update Software
Linked CVEs
- CVE-2026-20127 CVSS 9.9 EPSS 44%
Related actors
Share a CVE, technique or malware with this actor.