Common Information
| Type | Value |
|---|---|
| Value |
Email Addresses - T1589.002 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may gather email addresses that can be used during targeting. Even if internal instances exist, organizations may have public-facing email infrastructure and addresses for employees. Adversaries may easily gather email addresses, since they may be readily available and exposed via online or other accessible data sets (ex: [Social Media](https://attack.mitre.org/techniques/T1593/001) or [Search Victim-Owned Websites](https://attack.mitre.org/techniques/T1594)).(Citation: HackersArise Email)(Citation: CNET Leaks) Email addresses could also be enumerated via more active means (i.e. [Active Scanning](https://attack.mitre.org/techniques/T1595)), such as probing and analyzing responses from authentication services that may reveal valid usernames in a system.(Citation: GrimBlog UsernameEnum) For example, adversaries may be able to enumerate email addresses in Office 365 environments by querying a variety of publicly available API endpoints, such as autodiscover and GetCredentialType.(Citation: GitHub Office 365 User Enumeration)(Citation: Azure Active Directory Reconnaisance) Gathering this information may reveal opportunities for other forms of reconnaissance (ex: [Search Open Websites/Domains](https://attack.mitre.org/techniques/T1593) or [Phishing for Information](https://attack.mitre.org/techniques/T1598)), establishing operational resources (ex: [Email Accounts](https://attack.mitre.org/techniques/T1586/002)), and/or initial access (ex: [Phishing](https://attack.mitre.org/techniques/T1566) or [Brute Force](https://attack.mitre.org/techniques/T1110) via [External Remote Services](https://attack.mitre.org/techniques/T1133)). |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2024-10-23 | 0 | Trick or Treat? Your Infrastructure Might Be Haunted by Zombie and Shadow APIs - Cybersecurity Insiders | ||
| Details | Website | 2024-10-23 | 44 | Highlighting TA866/Asylum Ambuscade Activity Since 2021 | ||
| Details | Website | 2024-10-23 | 1 | [KILLSEC] - Ransomware Victim: shipkar[.]co[.]in - RedPacket Security | ||
| Details | Website | 2024-10-23 | 1 | Real-time Blocking Of Malicious Websites | ||
| Details | Website | 2024-10-23 | 1 | The Global Surveillance Free-for-All in Mobile Ad Data – Krebs on Security | ||
| Details | Website | 2024-10-22 | 9 | CyberChef: The Basics | TryHackMe Walkthrough | ||
| Details | Website | 2024-10-22 | 1 | The Role Of Email Verification APIs In Data Protection | ||
| Details | Website | 2024-10-22 | 0 | 3 Top Cloud Attacks and How to Protect Against Them | ||
| Details | Website | 2024-10-22 | 0 | Phishing Attack Impacts Over 92,000 Transak Users | ||
| Details | Website | 2024-10-22 | 21 | Cyble Sensors Detect Attacks On Java Framework, IoT Devices | ||
| Details | Website | 2024-10-22 | 4 | Phishing Attacks: What They Are and How to Protect Yourself - CloudSEK News | ||
| Details | Website | 2024-10-22 | 0 | The Worldwide Impact of Cybersecurity Risks | #cybercrime | #infosec | National Cyber Security Consulting | ||
| Details | Website | 2024-10-22 | 2 | Fortinet's Threat Intelligence Highlights Election Cyber Risks | #ransomware | #cybercrime | National Cyber Security Consulting | ||
| Details | Website | 2024-10-22 | 7 | Search Skills | Try Hack Me |Walkthrough | Cyber Security 101 | ||
| Details | Website | 2024-10-22 | 0 | Fair Vote Canada - 134,336 breached accounts - RedPacket Security | ||
| Details | Website | 2024-10-22 | 2 | You’re the Strongest Link | ||
| Details | Website | 2024-10-22 | 0 | 3 Top Cloud Attacks and How to Protect Against Them - ReliaQuest | ||
| Details | Website | 2024-10-22 | 0 | Four Pillars of an Effective Cybersecurity Awareness Program | ||
| Details | Website | 2024-10-22 | 2 | Hacker Claims to Have Breached the Internet Archive Again | ||
| Details | Website | 2024-10-21 | 945 | US-CERT Vulnerability Summary for the Week of October 14, 2024 - RedPacket Security | ||
| Details | Website | 2024-10-21 | 1 | Internet Archive Hackers Taunt the Site by Responding to Old Support Tickets | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting | ||
| Details | Website | 2024-10-21 | 0 | Digital Deception Exposed: Why Catfishing is the Next Cybersecurity Crisis in the Post-Truth Era | ||
| Details | Website | 2024-10-21 | 2 | Internet Archive (Archive.org) Hacked for Second Time in a Month | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting | ||
| Details | Website | 2024-10-21 | 1 | How To Avoid Email Fraud With Verification | ||
| Details | Website | 2024-10-21 | 1 | Ensuring Gmail Emails Are Authentic |