Common Information
| Type | Value |
|---|---|
| Value |
Server - T1584.004 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may compromise third-party servers that can be used during targeting. Use of servers allows an adversary to stage, launch, and execute an operation. During post-compromise activity, adversaries may utilize servers for various tasks, including for Command and Control.(Citation: TrendMicro EarthLusca 2022) Instead of purchasing a [Server](https://attack.mitre.org/techniques/T1583/004) or [Virtual Private Server](https://attack.mitre.org/techniques/T1583/003), adversaries may compromise third-party servers in support of operations. Adversaries may also compromise web servers to support watering hole operations, as in [Drive-by Compromise](https://attack.mitre.org/techniques/T1189), or email servers to support [Phishing](https://attack.mitre.org/techniques/T1566) operations. |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2574-01-02 | 0 | Editors Picks, Apps We Recommend | TechSpot | ||
| Details | Website | 2243-01-01 | 25 | 腾讯安全威胁情报中心推出2023年1月必修安全漏洞清单 | ||
| Details | Website | 2083-07-04 | 9 | SonicWall VPN Portal Critical Flaw (CVE-2020-5135) | ||
| Details | Website | 2083-02-01 | 4 | 守夜人之剑 - 攻防演练漏洞必修清单2023 | ||
| Details | Website | 2061-05-15 | 4 | Flash Notice: Critical Linux Kernel Vulnerability Can Lead to Remote Code Execution | ||
| Details | Website | 2051-02-02 | 32 | UNKNOWN | ||
| Details | Website | 2051-02-02 | 32 | UNKNOWN | ||
| Details | Website | 2050-08-03 | 29 | Kiddoware Kids Place Parental Control Android App 3.8.49 XSS / CSRF / File Upload - CXSecurity.com | ||
| Details | Website | 2049-04-02 | 1 | Apache Exploited Zero-Day Patched - IBM X-Force Collection | ||
| Details | Website | 2049-01-13 | 27 | 腾讯安全威胁情报中心推出2023年7月必修安全漏洞清单 | ||
| Details | Website | 2028-01-01 | 3 | A Tour of the Worm | ||
| Details | Website | 2025-11-07 | 1 | Vault7 - Home | ||
| Details | Website | 2025-01-01 | 11 | Visionaries Have Democratised Remote Network Access – Citrix Virtual Apps and Desktops (CVE Unknown) | CTF导航 | ||
| Details | Website | 2024-12-29 | 2 | Cobalt Strike DFIR: Listening to the Pipes — Blake's R&D | ||
| Details | Website | 2024-12-17 | 1 | Log4shell: a threat intelligence perspective — Silent Push Threat Intelligence | ||
| Details | Website | 2024-12-12 | 21 | SECCON2016取证题WriteUP - lightless blog | ||
| Details | Website | 2024-12-09 | 0 | — | ||
| Details | Website | 2024-11-30 | 4 | Exploiting Vulnerabilities in a TLD Registrar to Takeover Tether, Google, and Amazon — Palisade | ||
| Details | Website | 2024-11-22 | 6 | Black Friday e-commerce scam: Comprehensive analysis of PayPal attack vectors. — Silent Push Threat Intelligence | ||
| Details | Website | 2024-11-18 | 0 | NSOグループ、訴えられた後に別のWhatsAppゼロデイを使用、裁判所文書に記載 - PRSOL:CC | ||
| Details | Website | 2024-11-17 | 10 | Shamoon Malware | ||
| Details | Website | 2024-11-17 | 8 | “Embarking on API Security Testing: A Beginner’s Guide to Understanding APIs and Utilizing Postman”… | ||
| Details | Website | 2024-11-17 | 13 | Intigriti 1337Up Live 2024-CTF: Web Challenges | ||
| Details | Website | 2024-11-17 | 3 | “Embarking on API Security Testing: A Beginner’s Guide to Understanding APIs and Utilizing Postman”… | ||
| Details | Website | 2024-11-17 | 0 | Reflected XSS to Stored XSS Hacker’s PlayBook Guide to XSS |