Common Information
Type Value
Value Serverless - T1584.007
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Adversaries may compromise serverless cloud infrastructure, such as Cloudflare Workers or AWS Lambda functions, that can be used during targeting. By utilizing serverless infrastructure, adversaries can make it more difficult to attribute infrastructure used during operations back to them. Once compromised, the serverless runtime environment can be leveraged to either respond directly to infected machines or to [Proxy](https://attack.mitre.org/techniques/T1090) traffic to an adversary-owned command and control server.(Citation: BlackWater Malware Cloudflare Workers)(Citation: AWS Lambda Redirector) As traffic generated by these functions will appear to come from subdomains of common cloud providers, it may be difficult to distinguish from ordinary traffic to these providers.(Citation: Detecting Command & Control in the Cloud)(Citation: BlackWater Malware Cloudflare Workers)
Details Published Attributes CTI Title
Details Website 2023-11-20 0 XDR Cybersecurity: Technologies and Best Practices
Details Website 2023-11-19 0 Sysdig announces malware threat detection and Windows server detection – Global Security Mag Online
Details Website 2023-11-16 0 Is Traditional EDR a Risk to Your Cloud Estate? – Sysdig
Details Website 2023-11-16 0 Search | arXiv e-print repository
Details Website 2023-11-15 0 Building sensitive data remediation workflows in multi-account AWS environments | Amazon Web Services
Details Website 2023-11-15 0 Cado Security Earns Prestigious Spot on CRN® 2023 Stellar Startups List - Cado Security | Cloud Forensics & Incident Response
Details Website 2023-11-15 0 Serve more with Serverless
Details Website 2023-11-14 0 Cado Security's Cloud Forensics and Incident Response Platform Now Available on Google Cloud Marketplace - Cado Security | Cloud Forensics & Incident Response
Details Website 2023-11-13 0 5 Steps to Establishing a Zero Trust Foundation in the Cloud with Wiz | Wiz Blog
Details Website 2023-11-10 1 Scaling Log Forensics in the Cloud with cloudgrep - Cado Security | Cloud Forensics & Incident Response
Details Website 2023-11-09 0 Cado Security Awarded for Pioneering Cybersecurity in Cloud Threat Detection, Investigation, and Response - Cado Security | Cloud Forensics & Incident Response
Details Website 2023-11-09 2 Google Cloud’s Cybersecurity Trends to Watch in 2024 Include Generative AI-Based Attacks
Details Website 2023-11-07 0 Cloud Security in Action: Meet Check Point CloudGuard - Check Point Blog
Details Website 2023-11-06 0 Investigating AWS EC2 Compromise CTF by Cado Security - Cado Security | Cloud Forensics & Incident Response
Details Website 2023-11-06 0 ELT: Extract Load Transform, Explained
Details Website 2023-11-03 3 How to create an AMI hardening pipeline and automate updates to your ECS instance fleet | Amazon Web Services
Details Website 2023-11-03 0 Secure Cloud Infrastructure from New Cyber Threats
Details Website 2023-10-31 0 The Key to Effective Incident Response is Preparedness - Cado Security | Cloud Forensics & Incident Response
Details Website 2023-10-31 0 What’s new in the Cado Platform Q3 2023 - Cado Security | Cloud Forensics & Incident Response
Details Website 2023-10-31 1 Transforming transactions: Streamlining PCI compliance using AWS serverless architecture | Amazon Web Services
Details Website 2023-10-30 0 Securing clouds, securely | Wiz Blog
Details Website 2023-10-30 0 A New Perspective on Resource-Level Cloud Forensics - Cado Security | Cloud Forensics & Incident Response
Details Website 2023-10-30 0 Securely Migrating to AWS with Check Point - Check Point Blog
Details Website 2023-10-27 0 Navigating the Cyber Security Regulatory Maze: Balancing Incident Response, Breach Disclosure, and Compliance in the Cloud Era - Cado Security | Cloud Forensics & Incident Response
Details Website 2023-10-27 0 The security attendee’s guide to AWS re:Invent 2023 | Amazon Web Services