Common Information
Type | Value |
---|---|
Value | AZT201 - Valid Credentials |
Category | Atrm |
Type | Atrm |
Misp Type | Cluster |
Description | Adversaries may log in to AzureAD using valid credentials. By logging in with valid credentials to an account or service principal, the adversary will assume all privileges of that account or service principal. If the account is privileged, this may lead to other tactics, such as persistence or privilege escalation. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-11-16 | 0 | How to Add Windows Machines as Log Sources to QRadar: A Step-by-Step Guide | ||
Details | Website | 2024-11-15 | 2 | Insider Threats: The Security Risk That’s Already Inside Your Business | ||
Details | Website | 2024-11-15 | 0 | Ransomware Groups Use Cloud Services For Data Exfiltration | #ransomware | #cybercrime | National Cyber Security Consulting | ||
Details | Website | 2024-11-15 | 0 | Ransomware Groups Use Cloud Services For Data Exfiltration | ||
Details | Website | 2024-11-14 | 0 | Bitdefender releases decryptor tool for ShrinkLocker | #ransomware | #cybercrime | National Cyber Security Consulting | ||
Details | Website | 2024-11-14 | 10 | The State of Cloud Ransomware in 2024 | #ransomware | #cybercrime | National Cyber Security Consulting | ||
Details | Website | 2024-11-14 | 1 | Link11 thwarts record-breaking DDoS attack | ||
Details | Website | 2024-11-14 | 10 | The State of Cloud Ransomware in 2024 | ||
Details | Website | 2024-11-12 | 1115 | US-CERT Vulnerability Summary for the Week of November 4, 2024 - RedPacket Security | ||
Details | Website | 2024-11-12 | 15 | HPE Aruba Access Points Have Critical Command Injection Vulnerabilities | ||
Details | Website | 2024-11-11 | 0 | The Threat of Lateral Movement: Are you Covered? | Red Piranha | ||
Details | Website | 2024-11-07 | 6 | CVE Alert: CVE-2024-51988 - RedPacket Security | ||
Details | Website | 2024-11-07 | 6 | Cracking Services with Hydra: A Hands-On Guide in TryHackMe’s BF_hydra Room | ||
Details | Website | 2024-11-07 | 2 | Advanced Ransomware Detection with Next-Gen SIEM | CrowdStrike | ||
Details | Website | 2024-11-07 | 12 | September 2024 Patch Tuesday: Updates and Analysis | CrowdStrike | ||
Details | Website | 2024-11-05 | 4 | The Credential Abuse Cycle: Theft, Trade, and Exploitation - ReliaQuest | ||
Details | Website | 2024-11-04 | 17 | THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 - Nov 03) | ||
Details | Website | 2024-11-04 | 17 | THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 - Nov 03) - RedPacket Security | ||
Details | Website | 2024-11-01 | 0 | Intro to Malware, Threats, and Vulnerabilities | ||
Details | Website | 2024-11-01 | 1 | Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft | ||
Details | Website | 2024-11-01 | 1 | Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft - RedPacket Security | ||
Details | Website | 2024-11-01 | 13 | It’s Not Safe To Pay SafePay | Huntress | ||
Details | Website | 2024-10-31 | 12 | Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network | Microsoft Security Blog | ||
Details | Website | 2024-10-30 | 19 | EMERALDWHALE: 15k Cloud Credentials Stolen in Operation Targeting Exposed Git Config Files | ||
Details | Website | 2024-10-30 | 19 | EMERALDWHALE: 15k Cloud Credentials Stolen in Operation Targeting Exposed Git Config Files |