Common Information
Type Value
Value Serverless - T1583.007
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Adversaries may purchase and configure serverless cloud infrastructure, such as Cloudflare Workers or AWS Lambda functions, that can be used during targeting. By utilizing serverless infrastructure, adversaries can make it more difficult to attribute infrastructure used during operations back to them. Once acquired, the serverless runtime environment can be leveraged to either respond directly to infected machines or to [Proxy](https://attack.mitre.org/techniques/T1090) traffic to an adversary-owned command and control server.(Citation: BlackWater Malware Cloudflare Workers)(Citation: AWS Lambda Redirector) As traffic generated by these functions will appear to come from subdomains of common cloud providers, it may be difficult to distinguish from ordinary traffic to these providers.(Citation: Detecting Command & Control in the Cloud)(Citation: BlackWater Malware Cloudflare Workers)
Details Published Attributes CTI Title
Details Website 2023-08-08 0 Leverage the AWS Sustainability Pillar to Minimize Environmental Impact
Details Website 2023-08-07 0 Cado Introducing New Varc Capability and Cloud-Focused Malware Campaigns at Black Hat USA and BSides Las Vegas 2023 - Cado Security | Cloud Forensics & Incident Response
Details Website 2023-08-04 0 AI, Security, and the Cloud, Part 4: GOOGLE CLOUD
Details Website 2023-08-04 2 Generative AI Tools Help Criminals Launch More Sophisticated Attacks
Details Website 2023-08-03 1 Cyber Briefing: 2023.08.03
Details Website 2023-08-03 0 Automated Remediation in the Cloud: Empowering Efficiency with Cado - Cado Security | Cloud Forensics & Incident Response
Details Website 2023-08-03 0 What is CNAPP? What it Means and Why It Matters - Uptycs
Details Website 2023-08-02 0 Cado Security Labs Releases 2023 Cloud Threat Findings Report - Cado Security | Cloud Forensics & Incident Response
Details Website 2023-08-01 14 Facebook clickbait leads to money scam for users - RedPacket Security
Details Website 2023-08-01 0 Let’s talk about Azure AD on apps, data and resources
Details Website 2023-08-01 0 How to Leverage the AWS Cost Optimization Pillar
Details Website 2023-07-31 2 Wiz's agentless approach to cloud-native vulnerability management | Wiz Blog
Details Website 2023-07-31 10 Cado Security Labs Encounter Novel Malware, Redis P2Pinfect - Cado Security | Cloud Forensics & Incident Response
Details Website 2023-07-31 4 Perform continuous vulnerability scanning of AWS Lambda functions with Amazon Inspector | Amazon Web Services
Details Website 2023-07-31 1 How to receive alerts when your IAM configuration changes | Amazon Web Services
Details Website 2023-07-30 10 Experiment #3
Details Website 2023-07-29 2 🌐 Web Development: Building the Digital Universe 🚀💻🌐
Details Website 2023-07-28 7 Identifying Server-Side Technologies for Web Penetration Testing Applications — 5 | 2023
Details Website 2023-07-27 1 Zenbleed CVE-2023-20593: What you need to know about the latest CPU vulnerability
Details Website 2023-07-27 0 Fingerprint enables rapid regulatory compliance with Elastic
Details Website 2023-07-25 0 Decoding the NIST Cloud Computing Forensics Reference Architecture - Cado Security | Cloud Forensics & Incident Response
Details Website 2023-07-25 0 How to Leverage AWS Performance Efficiency Pillar
Details Website 2023-07-24 1 Streamline Software Bill of Materials (SBOM) Generation with Wiz's Agentless SBOM | Wiz Blog
Details Website 2023-07-22 6 About TLS, DNS, Encryption and OPSEC concepts