Common Information
| Type | Value |
|---|---|
| Value |
Email Addresses - T1589.002 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may gather email addresses that can be used during targeting. Even if internal instances exist, organizations may have public-facing email infrastructure and addresses for employees. Adversaries may easily gather email addresses, since they may be readily available and exposed via online or other accessible data sets (ex: [Social Media](https://attack.mitre.org/techniques/T1593/001) or [Search Victim-Owned Websites](https://attack.mitre.org/techniques/T1594)).(Citation: HackersArise Email)(Citation: CNET Leaks) Email addresses could also be enumerated via more active means (i.e. [Active Scanning](https://attack.mitre.org/techniques/T1595)), such as probing and analyzing responses from authentication services that may reveal valid usernames in a system.(Citation: GrimBlog UsernameEnum) For example, adversaries may be able to enumerate email addresses in Office 365 environments by querying a variety of publicly available API endpoints, such as autodiscover and GetCredentialType.(Citation: GitHub Office 365 User Enumeration)(Citation: Azure Active Directory Reconnaisance) Gathering this information may reveal opportunities for other forms of reconnaissance (ex: [Search Open Websites/Domains](https://attack.mitre.org/techniques/T1593) or [Phishing for Information](https://attack.mitre.org/techniques/T1598)), establishing operational resources (ex: [Email Accounts](https://attack.mitre.org/techniques/T1586/002)), and/or initial access (ex: [Phishing](https://attack.mitre.org/techniques/T1566) or [Brute Force](https://attack.mitre.org/techniques/T1110) via [External Remote Services](https://attack.mitre.org/techniques/T1133)). |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2024-10-30 | 2 | Russia-linked Midnight Blizzard APT targeted 100+ organizations with a spear-phishing campaign using RDP files | ||
| Details | Website | 2024-10-30 | 0 | Ex-Disney worker hacked menus to claim foods peanut-free | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting | ||
| Details | Website | 2024-10-30 | 1 | Efficient VPN Services With Malware Protection | ||
| Details | Website | 2024-10-30 | 3 | The Evolution of Cybersecurity | ||
| Details | Website | 2024-10-30 | 1 | Simple Ways VPNs Improve Your Internet Security | ||
| Details | Website | 2024-10-30 | 1 | How Does SMTP Verify Sender? | ||
| Details | Website | 2024-10-30 | 19 | EMERALDWHALE: 15k Cloud Credentials Stolen in Operation Targeting Exposed Git Config Files | ||
| Details | Website | 2024-10-30 | 0 | Netherlands police lead takedown of Redline, META malware networks | #cybercrime | #infosec | National Cyber Security Consulting | ||
| Details | Website | 2024-10-30 | 0 | Cross-Site Scripting (XSS) in Blockchain Web Applications — Risks and Mitigations | ||
| Details | Website | 2024-10-30 | 2 | Over Half of US County Websites “Could Be Spoofed” | ||
| Details | Website | 2024-10-30 | 1 | New Jersey Senior Scammed Out of $50,000 In 'Sick' Romance Scam | #datingscams | #lovescams | #datingscams | #love | #relationships | #scams | #pof | #match.com | #dating | National Cyber Security Consulting | ||
| Details | Website | 2024-10-30 | 0 | Global police shut down malware group 'targeting millions', IT Security News, ET CISO | #cybercrime | #infosec | National Cyber Security Consulting | ||
| Details | Website | 2024-10-30 | 6 | Discovered a Unique Email Verification Bypass | ||
| Details | Website | 2024-10-30 | 0 | Today’s Top Cyber Intelligence Highlights — Oct 30, 2024 | ||
| Details | Website | 2024-10-30 | 0 | Top Phishing Scams of 2024 and How to Avoid Them | ||
| Details | Website | 2024-10-30 | 1 | Advanced Email Validation To Protect Reputation | ||
| Details | Website | 2024-10-30 | 0 | Hackers find 15,000 credentials by scanning for git configuration | ||
| Details | Website | 2024-10-30 | 19 | EMERALDWHALE: 15k Cloud Credentials Stolen in Operation Targeting Exposed Git Config Files | ||
| Details | Website | 2024-10-30 | 2 | RedLine and Meta: The Story of Two Disrupted Infostealers | ||
| Details | Website | 2024-10-30 | 0 | Interbank confirms data breach following failed extortion, data leak | ||
| Details | Website | 2024-10-30 | 0 | Why Netizens Should Care About Data Leaks | ||
| Details | Website | 2024-10-29 | 0 | McAfee Total Protection Review: Guarding Your Devices Effortlessly | ||
| Details | Website | 2024-10-29 | 0 | Malware targeting millions of people taken down by international coalition | Eurojust | #cybercrime | #infosec | National Cyber Security Consulting | ||
| Details | Website | 2024-10-29 | 1 | U.S. Joins International Action Against RedLine and META Infostealers | ||
| Details | Website | 2024-10-29 | 1 | Secure System For Custom Domain Email Verification |