Common Information
Type | Value |
---|---|
Value |
Serverless - T1584.007 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may compromise serverless cloud infrastructure, such as Cloudflare Workers or AWS Lambda functions, that can be used during targeting. By utilizing serverless infrastructure, adversaries can make it more difficult to attribute infrastructure used during operations back to them. Once compromised, the serverless runtime environment can be leveraged to either respond directly to infected machines or to [Proxy](https://attack.mitre.org/techniques/T1090) traffic to an adversary-owned command and control server.(Citation: BlackWater Malware Cloudflare Workers)(Citation: AWS Lambda Redirector) As traffic generated by these functions will appear to come from subdomains of common cloud providers, it may be difficult to distinguish from ordinary traffic to these providers.(Citation: Detecting Command & Control in the Cloud)(Citation: BlackWater Malware Cloudflare Workers) |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-11-17 | 0 | API Hacktics: Unveiling Vulnerabilities in Modern Web APIs | ||
Details | Website | 2024-11-17 | 0 | AWS Security Essentials: Protecting Your Cloud Infrastructure | ||
Details | Website | 2024-11-15 | 5 | How Runtime Insights Help with Container Security | ||
Details | Website | 2024-11-15 | 5 | Securing AWS Lambda | How Misconfigurations Can Lead to Lateral Movement | ||
Details | Website | 2024-11-15 | 1 | How Runtime Insights Help with Container Security | ||
Details | Website | 2024-11-14 | 31 | SECURE SOFTWARE DEVELOPMENT LIFE CYCLE | ||
Details | Website | 2024-11-14 | 4 | Streamlining Security: Integrating Amazon Bedrock with Elastic — Elastic Security Labs | ||
Details | Website | 2024-11-13 | 8 | Using Azure Functions for the CyberSecurity team’s routine. | ||
Details | Website | 2024-11-13 | 1 | AWS WAF Essentials: Securing Your SaaS Services Against Cyber Threats | ||
Details | Website | 2024-11-12 | 0 | Discover duplicate AWS Config rules for streamlined compliance | Amazon Web Services | ||
Details | Website | 2024-11-12 | 0 | The Most Valuable IT Certifications to Boost Your Salary in 2025 | ||
Details | Website | 2024-11-12 | 7 | 10 Best DNS Management Tools - 2025 | ||
Details | Website | 2024-11-12 | 5 | Elasticsearch 8.16: Better Binary Quantization (BBQ) — A better way to quantize vector data over Product Quantization (PQ) and production-ready hybrid conversational search | ||
Details | Website | 2024-11-12 | 0 | Elasticsearch and Kibana 8.16: Kibana gets contextual and BBQ speed and savings! | ||
Details | Website | 2024-11-11 | 9 | Utilizando Azure Functions para a rotina da equipe de CyberSecurity. | ||
Details | Website | 2024-11-11 | 2 | Best Practices for Cybersecurity in Federal Cloud Computing | ||
Details | Website | 2024-11-11 | 5 | Jumping into Bug Bounty Automation | ||
Details | Website | 2024-11-10 | 0 | “Top 25 AWS Services” | ||
Details | Website | 2024-11-07 | 6 | Category | ||
Details | Website | 2024-11-06 | 0 | Effective Data Access Governance in the Cloud w/DSPM & CIEM | Wiz Blog | ||
Details | Website | 2024-11-06 | 0 | Managing Elasticsearch just got easier, a LOT easier. | ||
Details | Website | 2024-11-04 | 0 | The Evolving Landscape of Computer Science and Cybersecurity: Key Trends in 2024 | ||
Details | Website | 2024-11-04 | 0 | AI-Powered Remediation 2.0: Choose Your Own Remediation Path | Wiz Blog | ||
Details | Website | 2024-11-03 | 0 | Day 21 of AWS SAA Certification: What is AWS lambda and Serverless | ||
Details | Website | 2024-11-01 | 3 | NIS2-Richtlinie: Der KRITIS Leitfaden zum erweiterten Cybersicherheits-Framework der EU |