Show in Graph
Common Information
Type Value
Value 
Code Repositories - T1213.003
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Adversaries may leverage code repositories to collect valuable information. Code repositories are tools/services that store source code and automate software builds. They may be hosted internally or privately on third party sites such as Github, GitLab, SourceForge, and BitBucket. Users typically interact with code repositories through a web application or command-line utilities such as git. Once adversaries gain access to a victim network or a private code repository, they may collect sensitive information such as proprietary source code or credentials contained within software's source code. Having access to software's source code may allow adversaries to develop [Exploits](https://attack.mitre.org/techniques/T1587/004), while credentials may provide access to additional resources using [Valid Accounts](https://attack.mitre.org/techniques/T1078).(Citation: Wired Uber Breach)(Citation: Krebs Adobe) **Note:** This is distinct from [Code Repositories](https://attack.mitre.org/techniques/T1593/003), which focuses on conducting [Reconnaissance](https://attack.mitre.org/tactics/TA0043) via public code repositories.
Details Published Attributes CTI Title
Details Website 2023-10-30 4 CloudKeys in the Air: Tracking Malicious Operations of Exposed IAM Keys
Details Website 2023-10-29 97 Octo Tempest: extortion through phishing, SIM swapping and ransomware
Details Website 2023-10-27 1 Octo Tempest Group Threatens Physical Violence as Social Engineering Tactic
Details Website 2023-10-27 1 Microsoft: Octo Tempest is one of the most dangerous financial hacking groups - RedPacket Security
Details Website 2023-10-26 0 Responding and Defending Against IdP Vendor Compromise
Details Website 2023-10-26 5 Meet Octo Tempest, 'Most Dangerous Financial' Hackers
Details Website 2023-10-26 1 Microsoft: Octo Tempest is one of the most dangerous financial hacking groups
Details Website 2023-10-25 11 Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction | Microsoft Security Blog
Details Website 2023-10-24 0 CI/CD Pipeline: Master Tool Set-Up Challenges
Details Website 2023-10-24 0 GitHub boosts secrets scanning: A necessary step, but supply chain security is key to managing risk
Details Website 2023-10-20 0 Okta says its support system was breached using stolen credentials
Details Website 2023-10-19 1 Valve Enhances Steam Security With SMS Verification
Details Website 2023-10-18 0 Elastic Global Threat Report 2023: Top cybersecurity forecasts and recommendations
Details Website 2023-09-20 1 Checkmarx Named a Leader in Static Application Security Testing (SAST) by Independent Research Firm | Checkmarx.com
Details Website 2023-09-20 2 LUCR-3: Scattered Spider Getting SaaS-y in the Cloud
Details Website 2023-09-18 6 Okta Source Code Breach: How to Evaluate the Impact & Protect your Organization
Details Website 2023-09-18 0 A 2022 Year-end Recap on Cloud Threats
Details Website 2023-09-15 816 UNC3944: SMS Phishing, SIM Swapping, and Ransomware Attacks
Details Website 2023-09-11 0 Elevating Cloud Security Response with Cloud-to-Code Tracing
Details Website 2023-09-08 2 Secure Software Implementation in OWASP SAMM
Details Website 2023-09-04 0 Evolution of Cloud Tactics, Techniques, and Procedures | SANS
Details Website 2023-09-01 0 Understanding Cybersecurity Footprinting: Techniques and Strategies
Details Website 2023-08-31 0 Cloud Detection and Response Needs To Break Down Boundaries
Details Website 2023-08-29 0 Cryptocurrency Malware: An Ever-Adapting Threat
Details Website 2023-08-25 195 Russia/Ukraine Update - August 2023