Common Information
Type Value
Value
Serverless - T1584.007
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Adversaries may compromise serverless cloud infrastructure, such as Cloudflare Workers or AWS Lambda functions, that can be used during targeting. By utilizing serverless infrastructure, adversaries can make it more difficult to attribute infrastructure used during operations back to them. Once compromised, the serverless runtime environment can be leveraged to either respond directly to infected machines or to [Proxy](https://attack.mitre.org/techniques/T1090) traffic to an adversary-owned command and control server.(Citation: BlackWater Malware Cloudflare Workers)(Citation: AWS Lambda Redirector) As traffic generated by these functions will appear to come from subdomains of common cloud providers, it may be difficult to distinguish from ordinary traffic to these providers.(Citation: Detecting Command & Control in the Cloud)(Citation: BlackWater Malware Cloudflare Workers)
Details Published Attributes CTI Title
Details Website 2024-11-17 0 API Hacktics: Unveiling Vulnerabilities in Modern Web APIs
Details Website 2024-11-17 0 AWS Security Essentials: Protecting Your Cloud Infrastructure
Details Website 2024-11-15 5 How Runtime Insights Help with Container Security
Details Website 2024-11-15 5 Securing AWS Lambda | How Misconfigurations Can Lead to Lateral Movement
Details Website 2024-11-15 1 How Runtime Insights Help with Container Security
Details Website 2024-11-14 31 SECURE SOFTWARE DEVELOPMENT LIFE CYCLE
Details Website 2024-11-14 4 Streamlining Security: Integrating Amazon Bedrock with Elastic — Elastic Security Labs
Details Website 2024-11-13 8 Using Azure Functions for the CyberSecurity team’s routine.
Details Website 2024-11-13 1 AWS WAF Essentials: Securing Your SaaS Services Against Cyber Threats
Details Website 2024-11-12 0 Discover duplicate AWS Config rules for streamlined compliance | Amazon Web Services
Details Website 2024-11-12 0 The Most Valuable IT Certifications to Boost Your Salary in 2025
Details Website 2024-11-12 7 10 Best DNS Management Tools - 2025
Details Website 2024-11-12 5 Elasticsearch 8.16: Better Binary Quantization (BBQ) — A better way to quantize vector data over Product Quantization (PQ) and production-ready hybrid conversational search
Details Website 2024-11-12 0 Elasticsearch and Kibana 8.16: Kibana gets contextual and BBQ speed and savings!
Details Website 2024-11-11 9 Utilizando Azure Functions para a rotina da equipe de CyberSecurity.
Details Website 2024-11-11 2 Best Practices for Cybersecurity in Federal Cloud Computing
Details Website 2024-11-11 5 Jumping into Bug Bounty Automation
Details Website 2024-11-10 0 “Top 25 AWS Services”
Details Website 2024-11-07 6 Category
Details Website 2024-11-06 0 Effective Data Access Governance in the Cloud w/DSPM & CIEM | Wiz Blog
Details Website 2024-11-06 0 Managing Elasticsearch just got easier, a LOT easier.
Details Website 2024-11-04 0 The Evolving Landscape of Computer Science and Cybersecurity: Key Trends in 2024
Details Website 2024-11-04 0 AI-Powered Remediation 2.0: Choose Your Own Remediation Path | Wiz Blog
Details Website 2024-11-03 0 Day 21 of AWS SAA Certification: What is AWS lambda and Serverless
Details Website 2024-11-01 3 NIS2-Richtlinie: Der KRITIS Leitfaden zum erweiterten Cybersicherheits-Framework der EU