T1071 - Application Layer Protocol - MITRE ATT&CK

Threat entity extracted from intelligence sources

Frequency
837
occurrences
First Seen
November 19, 2025
Last Seen
July 17, 2026

T1071 - Application Layer Protocol is a mitre_attack tracked across 50 threat clusters and 837 intelligence report mentions on ThreatCluster. First observed November 19, 2025; most recent activity July 17, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • Symantec Threat Hunter Team — www.security.com · July 17, 2026
  • GoSerpent Backdoor Looted Police and Biometric Data Across Southeast Asia for Five Years — Techtimes · July 17, 2026
  • Fake TTF files deliver stealthy malware in global phishing campaign — Csoonline · July 17, 2026
  • New ClickLock macOS malware traps users into revealing login password — Bleepingcomputer · July 16, 2026
  • New TELEPUZ malware spreads via ClickFix lures — Feeds.Feedburner · July 16, 2026
  • New TuxBot v3 Evolution IoT botnet framework shows signs of AI development — Feeds.Feedburner · July 16, 2026
  • New Spirals ransomware can lock down an entire network in under 24 hours — Pcquest · July 16, 2026
  • Unc2447 Sombrat And Fivehands Ransomware Sophisticated Financial Threat — cloud.google.com · July 16, 2026

CVSS v3.1 Breakdown