Common Information
| Type | Value |
|---|---|
| Value |
Email Addresses - T1589.002 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may gather email addresses that can be used during targeting. Even if internal instances exist, organizations may have public-facing email infrastructure and addresses for employees. Adversaries may easily gather email addresses, since they may be readily available and exposed via online or other accessible data sets (ex: [Social Media](https://attack.mitre.org/techniques/T1593/001) or [Search Victim-Owned Websites](https://attack.mitre.org/techniques/T1594)).(Citation: HackersArise Email)(Citation: CNET Leaks) Email addresses could also be enumerated via more active means (i.e. [Active Scanning](https://attack.mitre.org/techniques/T1595)), such as probing and analyzing responses from authentication services that may reveal valid usernames in a system.(Citation: GrimBlog UsernameEnum) For example, adversaries may be able to enumerate email addresses in Office 365 environments by querying a variety of publicly available API endpoints, such as autodiscover and GetCredentialType.(Citation: GitHub Office 365 User Enumeration)(Citation: Azure Active Directory Reconnaisance) Gathering this information may reveal opportunities for other forms of reconnaissance (ex: [Search Open Websites/Domains](https://attack.mitre.org/techniques/T1593) or [Phishing for Information](https://attack.mitre.org/techniques/T1598)), establishing operational resources (ex: [Email Accounts](https://attack.mitre.org/techniques/T1586/002)), and/or initial access (ex: [Phishing](https://attack.mitre.org/techniques/T1566) or [Brute Force](https://attack.mitre.org/techniques/T1110) via [External Remote Services](https://attack.mitre.org/techniques/T1133)). |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2024-11-09 | 0 | Bitcoin Fog Founder Sentenced to 12 Years for Cryptocurrency Money Laundering | ||
| Details | Website | 2024-11-09 | 0 | Bitcoin Fog Founder Sentenced to 12 Years for Cryptocurrency Money Laundering - RedPacket Security | ||
| Details | Website | 2024-11-09 | 1 | FBI: Spike in Hacked Police Emails, Fake Subpoenas – Krebs on Security | ||
| Details | Website | 2024-11-08 | 2 | [APT73] - Ransomware Victim: liftkits4less[.]com - RedPacket Security | ||
| Details | Website | 2024-11-08 | 1 | Cyber Briefing: 2024.11.08 | ||
| Details | Website | 2024-11-08 | 2 | New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus | ||
| Details | Website | 2024-11-08 | 4 | Weekly Cybersecurity News | ||
| Details | Website | 2024-11-08 | 10 | Phishing: How to Spot the Silent Cyber Threat Before It Strikes | ||
| Details | Website | 2024-11-08 | 2 | Kimova AI ISO 27001 Auditing Series: Technological Control A.8.12: Data Leakage Prevention | ||
| Details | Website | 2024-11-08 | 2 | New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus - RedPacket Security | ||
| Details | Website | 2024-11-08 | 8 | SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims - CyberSRC | ||
| Details | Website | 2024-11-08 | 0 | China’s Expanding Cyber Threats: Stephen Viña’s Urgent Call to Action at NMFTA Conference | ||
| Details | Website | 2024-11-08 | 0 | Earth 2 - 420,961 breached accounts - RedPacket Security | ||
| Details | Website | 2024-11-07 | 0 | Part 2: The Reconnaissance Phase — Uncovering the Secrets of Phishing Preparation | ||
| Details | Website | 2024-11-07 | 1 | How Advanced VPN Can Improve Client Confidentiality | ||
| Details | Website | 2024-11-07 | 2 | Essential Cyber Intel Brief: 11/07/2024 | ||
| Details | Website | 2024-11-07 | 0 | Protect Yourself from Bank Impersonation Scams: Universal Tips for Safe Banking. | ||
| Details | Website | 2024-11-07 | 0 | Cyber Attack Warning As Hackers Use AI And Gmail In New Campaign | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | ||
| Details | Website | 2024-11-07 | 2 | INTERPOL Disrupts Over 22,000 Malicious Servers in Global Crackdown on Cybercrime - CyberSRC | ||
| Details | Website | 2024-11-07 | 0 | Tor Browser and anonymity: what you need to know | ||
| Details | Website | 2024-11-07 | 4 | Essential Terms for Cybersecurity Conversations: Security and Key Tech Lingo A-Z | ||
| Details | Website | 2024-11-07 | 1 | IntelBroker Threat Actor Claims to Have Leaked uLektz.com User Database - CloudSEK News | ||
| Details | Website | 2024-11-07 | 2 | Massive Nigerian Cybercrime Bust Sees 130 Arrested | #cybercrime | #infosec | National Cyber Security Consulting | ||
| Details | Website | 2024-11-07 | 0 | Tips for Using Google Workspace Safely | ||
| Details | Website | 2024-11-07 | 105 | Not a SIMulation: CrowdStrike Investigations Reveal Intrusion Campaign Targeting Telco and BPO Companies |