Common Information
| Type | Value |
|---|---|
| Value |
Email Addresses - T1589.002 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may gather email addresses that can be used during targeting. Even if internal instances exist, organizations may have public-facing email infrastructure and addresses for employees. Adversaries may easily gather email addresses, since they may be readily available and exposed via online or other accessible data sets (ex: [Social Media](https://attack.mitre.org/techniques/T1593/001) or [Search Victim-Owned Websites](https://attack.mitre.org/techniques/T1594)).(Citation: HackersArise Email)(Citation: CNET Leaks) Email addresses could also be enumerated via more active means (i.e. [Active Scanning](https://attack.mitre.org/techniques/T1595)), such as probing and analyzing responses from authentication services that may reveal valid usernames in a system.(Citation: GrimBlog UsernameEnum) For example, adversaries may be able to enumerate email addresses in Office 365 environments by querying a variety of publicly available API endpoints, such as autodiscover and GetCredentialType.(Citation: GitHub Office 365 User Enumeration)(Citation: Azure Active Directory Reconnaisance) Gathering this information may reveal opportunities for other forms of reconnaissance (ex: [Search Open Websites/Domains](https://attack.mitre.org/techniques/T1593) or [Phishing for Information](https://attack.mitre.org/techniques/T1598)), establishing operational resources (ex: [Email Accounts](https://attack.mitre.org/techniques/T1586/002)), and/or initial access (ex: [Phishing](https://attack.mitre.org/techniques/T1566) or [Brute Force](https://attack.mitre.org/techniques/T1110) via [External Remote Services](https://attack.mitre.org/techniques/T1133)). |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2024-10-25 | 0 | Troves of UN gender violence data leaked by unsecured database | ||
| Details | Website | 2024-10-25 | 25 | ReliaQuest Uncovers New Black Basta Social Engineering Technique | ||
| Details | Website | 2024-10-25 | 4 | How Do I Validate An Email Sender? | ||
| Details | Website | 2024-10-25 | 2 | Cyber Briefing: 2024.10.25 | ||
| Details | Website | 2024-10-25 | 0 | UnitedHealth Ransomware Attack Exposed 100 Million People | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | ||
| Details | Website | 2024-10-25 | 25 | ReliaQuest Uncovers New Black Basta Social Engineering Technique - ReliaQuest | ||
| Details | Website | 2024-10-25 | 25 | Cyble Sensor Intelligence Report: October 16-22 | ||
| Details | Website | 2024-10-25 | 8 | Army CID warns against romance scams | Article | #lovescams | #military | #datingscams | #datingscams | #love | #relationships | #scams | #pof | #match.com | #dating | National Cyber Security Consulting | ||
| Details | Website | 2024-10-25 | 1 | Exploring The Latest Trends In Email Verification | ||
| Details | Website | 2024-10-25 | 1 | How Does Nordvpn Work | ||
| Details | Website | 2024-10-24 | 0 | UnitedHealth says Change Healthcare data breach affects over 100 million people in America | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | ||
| Details | Website | 2024-10-24 | 0 | Transak ransomware attack compromises 92,000 users | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | ||
| Details | Website | 2024-10-24 | 0 | Hot Topic Data Breach Exposes of 350 Million Customers – | ||
| Details | Website | 2024-10-24 | 1 | How To Check Fake Email? | ||
| Details | Website | 2024-10-24 | 7 | How I Accessed Microsoft’s ServiceNow — Exposing ALL Microsoft Employee emails, Chat Support… | ||
| Details | Website | 2024-10-24 | 2 | The extent of Hardcoded Secrets: From Development to Production | ||
| Details | Website | 2024-10-24 | 0 | Duo linked to Singapore-based Chinese cybercrime ring gets jail over purchased data of 9,369 people | #cybercrime | #infosec | National Cyber Security Consulting | ||
| Details | Website | 2024-10-24 | 13 | CVE-2024-47575: FortiManager Missing Authentication Zero-Day Vulnerability Explained | ||
| Details | Website | 2024-10-24 | 0 | ELife Vehicle Hiring Service Hit by Alleged Data Breach: 170,000 Users Affected - CloudSEK News | ||
| Details | Website | 2024-10-24 | 2 | Hackers Leak 180,000 Esport North Africa User Records a Day Before Tournament Begins | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting | ||
| Details | Website | 2024-10-23 | 2 | Don’t Let Cyber Criminals Win: Essential Online Safety Tips | ||
| Details | Website | 2024-10-23 | 1 | Enhancing Gmail Email Security With Verification | ||
| Details | Website | 2024-10-23 | 0 | Q3 2024: Product Updates and Highlights | ||
| Details | Website | 2024-10-23 | 0 | ID card selfie: pros and cons | ||
| Details | Website | 2024-10-23 | 7 | Cyble Sensors Uncover Cyberattacks on Java Framework and IoT Devices |