Show in Graph
Common Information
Type Value
Value 
Code Repositories - T1213.003
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Adversaries may leverage code repositories to collect valuable information. Code repositories are tools/services that store source code and automate software builds. They may be hosted internally or privately on third party sites such as Github, GitLab, SourceForge, and BitBucket. Users typically interact with code repositories through a web application or command-line utilities such as git. Once adversaries gain access to a victim network or a private code repository, they may collect sensitive information such as proprietary source code or credentials contained within software's source code. Having access to software's source code may allow adversaries to develop [Exploits](https://attack.mitre.org/techniques/T1587/004), while credentials may provide access to additional resources using [Valid Accounts](https://attack.mitre.org/techniques/T1078).(Citation: Wired Uber Breach)(Citation: Krebs Adobe) **Note:** This is distinct from [Code Repositories](https://attack.mitre.org/techniques/T1593/003), which focuses on conducting [Reconnaissance](https://attack.mitre.org/tactics/TA0043) via public code repositories.
Details Published Attributes CTI Title
Details Website 2024-10-15 3 Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems - CyberSRC
Details Website 2024-10-14 15 Make Deployments Great Again: How to Use Helm with Continuous Deployment (CD)
Details Website 2024-10-12 0 Type of cyber Security Threats
Details Website 2024-10-12 0 Types of Cyber Security Threats
Details Website 2024-10-09 3 Hackers Hide Remcos RAT in GitHub Repository Comments | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | National Cyber Security Consulting
Details Website 2024-10-09 0 Product Update: IP and Code Threat Detection Now Available for GitHub and Atlassian’s Suite of Products, Including Confluence and Jira
Details Website 2024-10-09 6 5 commercial software attacks — and what you can learn from them
Details Website 2024-10-09 6 5 commercial software attacks — and what you can learn from them
Details Website 2024-10-07 0 Simplify Password Security with WSO2 Asgardeo: Rule-Based Password Expiration & More 🚀
Details Website 2024-10-07 2 Our Experience Building the Synk Integration
Details Website 2024-10-04 20 Getting started with Detection-as-Code and Sekoia Platform
Details Website 2024-10-03 0 The Secret Weakness Execs Are Overlooking: Non-Human Identities
Details Website 2024-10-02 25 Security Brief: Royal Mail Lures Deliver Open Source Prince Ransomware | Proofpoint US
Details Website 2024-10-01 9 Detecting Vulnerability Scanning Traffic From Underground Tools Using Machine Learning
Details Website 2024-09-29 0 NHI Use Case-1: Cross-Organization API Acess using API Keys
Details Website 2024-09-27 44 30 Advanced Google Dork Queries for Uncovering Hidden Data and OSINT Insights
Details Website 2024-09-24 3 Winning the AIxCC Qualification Round
Details Website 2024-09-24 0 On the Security of Halo2 Proof System
Details Website 2024-09-24 6 Google & Arm - Raising The Bar on GPU Security
Details Website 2024-09-23 0 Microsoft’s Secure Future Initiative: A Bold Move to Reinforce Global Cybersecurity
Details Website 2024-09-23 0 Unlocking the Power of Large Language Models (LLMs) for Cybersecurity and Cloud Engineering
Details Website 2024-09-23 1 North Korean Threat Actors Exploit Python Packages to Deliver PondRAT Malware - CyberSRC
Details Website 2024-09-23 0 A FAIR perspective on generative AI risks and frameworks
Details Website 2024-09-20 1 GitLab Patches Critical SAML Authentication Bypass Vulnerability - CyberSRC
Details Website 2024-09-19 2 Why is Software Supply Chain Security a Must?