ioc[.]one - OSINT Cyber Threat Intelligence Database

Show in Graph

Common Information

Type	Value
Value	Email Addresses - T1589.002
Category	Attack-Pattern
Type	Mitre-Attack-Pattern
Misp Type	Cluster
Description	Adversaries may gather email addresses that can be used during targeting. Even if internal instances exist, organizations may have public-facing email infrastructure and addresses for employees. Adversaries may easily gather email addresses, since they may be readily available and exposed via online or other accessible data sets (ex: [Social Media](https://attack.mitre.org/techniques/T1593/001) or [Search Victim-Owned Websites](https://attack.mitre.org/techniques/T1594)).(Citation: HackersArise Email)(Citation: CNET Leaks) Email addresses could also be enumerated via more active means (i.e. [Active Scanning](https://attack.mitre.org/techniques/T1595)), such as probing and analyzing responses from authentication services that may reveal valid usernames in a system.(Citation: GrimBlog UsernameEnum) For example, adversaries may be able to enumerate email addresses in Office 365 environments by querying a variety of publicly available API endpoints, such as autodiscover and GetCredentialType.(Citation: GitHub Office 365 User Enumeration)(Citation: Azure Active Directory Reconnaisance) Gathering this information may reveal opportunities for other forms of reconnaissance (ex: [Search Open Websites/Domains](https://attack.mitre.org/techniques/T1593) or [Phishing for Information](https://attack.mitre.org/techniques/T1598)), establishing operational resources (ex: [Email Accounts](https://attack.mitre.org/techniques/T1586/002)), and/or initial access (ex: [Phishing](https://attack.mitre.org/techniques/T1566) or [Brute Force](https://attack.mitre.org/techniques/T1110) via [External Remote Services](https://attack.mitre.org/techniques/T1133)).

Details		Published	Attributes	Title
Details	Website	2024-11-12	0	Hot Topic - 56,904,909 breached accounts - RedPacket Security
Details	Website	2024-11-12	0	US oilfield service provider disrupted by ransomware attack \| #ransomware \| #cybercrime \| National Cyber Security Consulting
Details	Website	2024-11-12	13	Lessons from the Data Breach at Mt Hira College
Details	Website	2024-11-11	0	Amazon discloses employee data breach after May 2023 MOVEit attacks
Details	Website	2024-11-11	0	🚨 Amazon Confirms Data Breach: What It Means for Employee Security and Penetration Testing 🚨
Details	Website	2024-11-11	2	Aruba.it Email Scam Explained –
Details	Website	2024-11-11	0	Rise in crooks stealing data using government emails • The Register \| #cybercrime \| #infosec \| National Cyber Security Consulting
Details	Website	2024-11-11	12	Harvesting the Database - 5 CVEs in TOPqw Webportal
Details	Website	2024-11-11	0	489 Million Instagram Accounts Scraped and Listed for Sale on Dark Web - SOCRadar® Cyber Intelligence Inc.
Details	Website	2024-11-11	8	11th November – Threat Intelligence Report
Details	Website	2024-11-11	8	11th November – Threat Intelligence Report - Check Point Research
Details	Website	2024-11-11	0	Appleton Harley-Davidson Leak, GTA V Source Code, and ORBCOMM Database on Dark Web - SOCRadar® Cyber Intelligence Inc.
Details	Website	2024-11-11	2	489 Million Instagram Accounts Scraped and Listed for Sale on Dark Web
Details	Website	2024-11-11	0	Essential Cybersecurity Practices for Protecting Personal Data
Details	Website	2024-11-11	1	Appleton Harley-Davidson Leak, GTA V Source Code, and ORBCOMM Database on Dark Web
Details	Website	2024-11-11	2	Understanding the Different Types of IOCs — Hashes, IPs, URLs, and More
Details	Website	2024-11-11	1	Threat Actors Allegedly Claim Leak of 489 Million Lines of Instagram Data
Details	Website	2024-11-11	1	Threat Actors Allegedly Claim Leak of Harley-Davidson Database
Details	Website	2024-11-11	1	Amazon confirms employee data breach after vendor hack
Details	Website	2024-11-11	0	HIBP notifies 57 million people of Hot Topic data breach
Details	Website	2024-11-11	0	FBI Warns that Criminals Could Send Fake Emergency Data Requests to Steal People's Private Information
Details	Website	2024-11-10	0	200,000 SelectBlinds Customers Exposed In Card-Skimming Data Breach \| #hacking \| #cybersecurity \| #infosec \| #comptia \| #pentest \| #ransomware \| National Cyber Security Consulting
Details	Website	2024-11-10	0	McAfee Total Protection Review: Peace of Mind Online
Details	Website	2024-11-10	1	Understanding Cybersecurity: How to Protect Yourself from Online Threats in 2024
Details	Website	2024-11-09	1	FBI: Spike in Hacked Police Emails, Fake Subpoenas