Common Information
Type | Value |
---|---|
Value | Web Service - T1481 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may use an existing, legitimate external Web service as a means for relaying data to/from a compromised system. Popular websites and social media, acting as a mechanism for C2, may give a significant amount of cover. This is due to the likelihood that hosts within a network are already communicating with them prior to a compromise. Using common services, such as those offered by Google or Twitter, makes it easier for adversaries to hide in expected noise. Web service providers commonly use SSL/TLS encryption, giving adversaries an added level of protection. Use of Web services may also protect back-end C2 infrastructure from discovery through malware binary analysis, or enable operational resiliency (since this infrastructure may be dynamically changed). |
Details | Published | Attributes | CTI | Title |
---|---|---|---|---|
Details | Website | 2574-01-02 | 0 | Editors Picks, Apps We Recommend \| TechSpot |
Details | Website | 2024-11-15 | 0 | Active Directory Certificate Services— Part 1 |
Details | Website | 2024-11-14 | 0 | Cloud Ransomware Flexes Fresh Scripts Against Web Apps \| #ransomware \| #cybercrime \| National Cyber Security Consulting |
Details | Website | 2024-11-14 | 10 | The State of Cloud Ransomware in 2024 \| #ransomware \| #cybercrime \| National Cyber Security Consulting |
Details | Website | 2024-11-14 | 10 | The State of Cloud Ransomware in 2024 |
Details | Website | 2024-11-13 | 24 | Lessons from a Honeypot with US Citizens’ Data |
Details | Website | 2024-11-13 | 6 | Cracking Cybersploit2 CTF: A Step-by-Step Guide to Root Access |
Details | Website | 2024-11-11 | 12 | Hack The Box : Tier 1 Starting Point -Responder |
Details | Website | 2024-11-08 | 18 | HTBAcademy-Footprinting-IMAP/POP3 |
Details | Website | 2024-11-08 | 35 | Life on a crooked RedLine: Analyzing the infamous infostealer’s backend |
Details | Website | 2024-11-07 | 9 | Dark Web Profile: KillSec - SOCRadar® Cyber Intelligence Inc. |
Details | Website | 2024-11-07 | 11 | Dark Web Profile: KillSec |
Details | Website | 2024-11-06 | 44 | GodFather Malware Targets 500 Banking & Crypto Apps Worldwide |
Details | Website | 2024-11-05 | 0 | Implement effective data authorization mechanisms to secure your data used in generative AI applications \| Amazon Web Services |
Details | Website | 2024-11-04 | 35 | G700 : The Next Generation of Craxs RAT - CYFIRMA |
Details | Website | 2024-10-31 | 69 | Comprehensive Bug Bounty Hunting Methodology (2024 Edition) |
Details | Website | 2024-10-31 | 18 | NVIDIA shader out-of-bounds and eleven LevelOne router vulnerabilities |
Details | Website | 2024-10-31 | 0 | UnitedHealth Hires Longtime Cybersecurity Executive as CISO |
Details | Website | 2024-10-31 | 18 | NVIDIA shader out-of-bounds and eleven LevelOne router vulnerabilities |
Details | Website | 2024-10-29 | 9 | CVE-2024-6678: GitLab Authentication Bypass Vulnerability |
Details | Website | 2024-10-28 | 1185 | US-CERT Vulnerability Summary for the Week of October 21, 2024 - RedPacket Security |
Details | Website | 2024-10-28 | 54 | When WAFs Go Awry: Common Detection & Evasion Techniques for Web Application Firewalls - MDSec |
Details | Website | 2024-10-28 | 28 | Katz and Mouse Game: MaaS Infostealers Adapt to Patched Chrome Defenses — Elastic Security Labs |
Details | Website | 2024-10-27 | 0 | Using AI and YARA |
Details | Website | 2024-10-26 | 22 | CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities |