Show in Graph
Common Information
Type Value
Value 
CDNs - T1596.004
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Adversaries may search content delivery network (CDN) data about victims that can be used during targeting. CDNs allow an organization to host content from a distributed, load balanced array of servers. CDNs may also allow organizations to customize content delivery based on the requestor’s geographical region. Adversaries may search CDN data to gather actionable information. Threat actors can use online resources and lookup tools to harvest information about content servers within a CDN. Adversaries may also seek and target CDN misconfigurations that leak sensitive information not intended to be hosted and/or do not have the same protection mechanisms (ex: login portals) as the content hosted on the organization’s website.(Citation: DigitalShadows CDN) Information from these sources may reveal opportunities for other forms of reconnaissance (ex: [Active Scanning](https://attack.mitre.org/techniques/T1595) or [Search Open Websites/Domains](https://attack.mitre.org/techniques/T1593)), establishing operational resources (ex: [Acquire Infrastructure](https://attack.mitre.org/techniques/T1583) or [Compromise Infrastructure](https://attack.mitre.org/techniques/T1584)), and/or initial access (ex: [Drive-by Compromise](https://attack.mitre.org/techniques/T1189)).
Details Published Attributes CTI Title
Details Website 2024-11-15 1 Chinese SilkSpecter Hackers Attacking Black Friday Shoppers
Details Website 2024-11-12 16 LummaStealer Lab CyberDefenders |Writeup
Details Website 2024-11-12 7 10 Best DNS Management Tools - 2025
Details Website 2024-11-12 0 2025 Global State of API Security Report - New Data Shows API Breaches Continue to Rise Due to Fraud, Bot Attacks, and GenAI Risks - Cybersecurity Insiders
Details Website 2024-11-11 0 Unmasking E-Commerce Security Threats: What You Must Know
Details Website 2024-11-05 0 Die NIS2-Sektordefinitionen: Ein umfassender Leitfaden für Unternehmen und Organisationen
Details Website 2024-11-04 0 What is an Upstream Server
Details Website 2024-11-03 5 Supply Chain Security Incident: Analysis of the LottieFiles NPM Package Compromise
Details Website 2024-11-02 0 Cybersecurity for Hyperscale Data Centers —  Unique Challenges in Defending Massive Networks
Details Website 2024-11-01 0 LottieFiles confirmed a supply chain attack on Lottie-Player
Details Website 2024-11-01 1 LottieFiles Supply Chain Attack: Compromised npm Package Targets Cryptocurrency Wallets - SOCRadar® Cyber Intelligence Inc.
Details Website 2024-11-01 2 Cyber Briefing: 2024.11.01
Details Website 2024-11-01 2 LottieFiles Supply Chain Attack: Compromised npm Package Targets Cryptocurrency Wallets
Details Website 2024-10-31 0 🚨 LottieFiles Hacked: A Cautionary Tale for the Crypto Community! 🚨
Details Website 2024-10-31 2 LottieFiles Issues Warning About Compromised "lottie-player" npm Package
Details Website 2024-10-31 2 LottieFiles Issues Warning About Compromised "lottie-player" npm Package - RedPacket Security
Details Website 2024-10-31 0 Holiday Cybersecurity Guide for Retail Businesses
Details Website 2024-10-31 3 With 2FA Enabled: NPM Package lottie-player Taken Over by Attackers
Details Website 2024-10-31 0 Supply Chain Attack Targets JavaScript’s Lottie-Player | Wiz Blog
Details Website 2024-10-31 0 LottieFiles hit in npm supply chain attack targeting users' crypto
Details Website 2024-10-31 1 LottieFiles hacked in supply chain attack to steal users’ crypto
Details Website 2024-10-28 1185 US-CERT Vulnerability Summary for the Week of October 21, 2024 - RedPacket Security
Details Website 2024-10-28 54 When WAFs Go Awry: Common Detection & Evasion Techniques for Web Application Firewalls - MDSec
Details Website 2024-10-28 0 Montag: Ausbreitung von Robotaxis, Cyberangriffe auf italienische Berühmtheiten
Details Website 2024-10-26 0 The Power of Proxies: How Reverse Proxies and Load Balancers Transform Web Performance.