Common Information
| Type | Value |
|---|---|
| Value |
CDNs - T1596.004 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may search content delivery network (CDN) data about victims that can be used during targeting. CDNs allow an organization to host content from a distributed, load balanced array of servers. CDNs may also allow organizations to customize content delivery based on the requestor’s geographical region. Adversaries may search CDN data to gather actionable information. Threat actors can use online resources and lookup tools to harvest information about content servers within a CDN. Adversaries may also seek and target CDN misconfigurations that leak sensitive information not intended to be hosted and/or do not have the same protection mechanisms (ex: login portals) as the content hosted on the organization’s website.(Citation: DigitalShadows CDN) Information from these sources may reveal opportunities for other forms of reconnaissance (ex: [Active Scanning](https://attack.mitre.org/techniques/T1595) or [Search Open Websites/Domains](https://attack.mitre.org/techniques/T1593)), establishing operational resources (ex: [Acquire Infrastructure](https://attack.mitre.org/techniques/T1583) or [Compromise Infrastructure](https://attack.mitre.org/techniques/T1584)), and/or initial access (ex: [Drive-by Compromise](https://attack.mitre.org/techniques/T1189)). |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2019-12-19 | 2 | New low cost traffic analysis attacks and mitigations | Tor Project | ||
| Details | Website | 2019-08-01 | 11 | APT trends report Q2 2019 | ||
| Details | Website | 2019-06-04 | 18 | Magecart skimmers found on Amazon CloudFront CDN | Malwarebytes Labs | ||
| Details | Website | 2019-05-02 | 0 | The end of torrents era in Russia | ||
| Details | Website | 2019-04-13 | 168 | media.defcon.org | ||
| Details | Website | 2019-01-16 | 0 | Top 3 Cyberattacks Targeting Proxy Servers | Radware Blog | ||
| Details | Website | 2019-01-01 | 31 | A Deep Dive into Cobalt Strike Malleable C2 - Threatexpress | ||
| Details | Website | 2018-12-31 | 2 | Looking Forward to 2019 - Let's Encrypt | ||
| Details | Website | 2018-12-12 | 3 | What is Web Cache Poisoning? | Acunetix | ||
| Details | Website | 2018-11-29 | 287 | Pervasive Brazilian Financial Malware Targets Bank Customers in Latin America and Europe | ||
| Details | Website | 2018-10-22 | 0 | 2018 Web Security Scan Statistics & Reports | Invicti | ||
| Details | Website | 2018-09-30 | 9 | Real World Serverless: The Video | ||
| Details | Website | 2018-08-29 | 0 | Why CDNs Don’t Solve Your DDoS Problem | NETSCOUT | ||
| Details | Website | 2018-08-20 | 3 | Wireshark For Network Threat Hunting: Creating Filters - Active Countermeasures | ||
| Details | Website | 2018-08-20 | 19 | Edge-Side-Includes with Cloudflare Workers | ||
| Details | Website | 2018-08-14 | 5 | Plight at the end of the tunnel | ||
| Details | Website | 2018-08-14 | 18 | Leverage Browser Security Features to Secure Your Website | Invicti | ||
| Details | Website | 2018-06-21 | 6 | DroneDeploy and Cloudflare Workers | ||
| Details | Website | 2018-06-03 | 5 | Inside Firefox’s DOH engine | daniel.haxx.se | ||
| Details | Website | 2018-04-10 | 29 | When SRI and CSP are not enough, the Browsealoud Story | ||
| Details | Website | 2018-03-26 | 0 | DDoS Managed Service | NETSCOUT | ||
| Details | Website | 2018-03-21 | 1 | Deprecating TLS 1.0 & 1.1 | ||
| Details | Website | 2018-03-21 | 2 | IETF 101 Liveblog | ||
| Details | Website | 2018-03-15 | 0 | CAPTCHA Limitations of Bot Mitigation | Radware Blog | ||
| Details | Website | 2018-03-05 | 2 | A few things I've learned about computer networking |