Common Information
Type | Value |
---|---|
Value | Screen Capture - T1513 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may use screen capture to collect additional information about a target device, such as applications running in the foreground, user data, credentials, or other sensitive information. Applications running in the background can capture screenshots or videos of another application running in the foreground by using the Android `MediaProjectionManager` (generally requires the device user to grant consent).(Citation: Fortinet screencap July 2019)(Citation: Android ScreenCap1 2019) Background applications can also use Android accessibility services to capture screen contents being displayed by a foreground application.(Citation: Lookout-Monokle) An adversary with root access or Android Debug Bridge (adb) access could call the Android `screencap` or `screenrecord` commands.(Citation: Android ScreenCap2 2019)(Citation: Trend Micro ScreenCap July 2015) |
Details | | Published | Attributes | CTI | Title |
---|---|---|---|---|---|
Details | Website | 2021-04-30 | 1 | | How Cybercriminals Abuse OpenBullet for Credential Stuffing |
Details | Website | 2021-04-20 | 1 | | Carbanak and FIN7 Attack Techniques |
Details | Website | 2021-04-20 | 1 | | Carbanak and FIN7 Attack Techniques |
Details | Website | 2021-04-14 | 56 | | HydroJiin Malware Campaign \| ThreatLabZ \| Zscaler Blog |
Details | Website | 2021-04-13 | 6 | | Detecting Clop Ransomware |
Details | Website | 2021-04-12 | 12 | | BRATA Keeps Sneaking into Google Play, Now Targeting USA and Spain \| McAfee Blog |
Details | Website | 2021-04-09 | 459 | | Threat Roundup for April 2 to April 9 |
Details | Website | 2021-04-06 | 93 | | Janeleiro, the time traveler: A new old banking trojan in Brazil \| WeLiveSecurity |
Details | Website | 2021-03-23 | 71 | | Multistage low-volume attack using AzureEdge and Shopify CDN |
Details | Website | 2021-03-18 | 55 | | New macOS Malware XcodeSpy Targets Xcode Developers with EggShell Backdoor - SentinelLabs |
Details | Website | 2021-02-25 | 21 | | Distribution of Malware via Resume/Copyright-Related Emails (Ransomware, Infostealer) - ASEC BLOG |
Details | Website | 2021-02-09 | 34 | | BendyBear: Novel Chinese Shellcode Linked With Cyber Espionage Group BlackTech |
Details | Website | 2021-02-01 | 17 | | DPRK Targeting Researchers II: .Sys Payload and Registry Hunting – One Night in Norfolk |
Details | Website | 2021-01-21 | 43 | | Vadokrist: A wolf in sheep’s clothing \| WeLiveSecurity |
Details | Website | 2021-01-12 | 70 | | Operation Spalax: Targeted malware attacks in Colombia \| WeLiveSecurity |
Details | Website | 2020-12-24 | 78 | | AridViper Windows Malware Threat Intel Advisory \| Threat Intelligence \| CloudSEK |
Details | Website | 2020-12-14 | 220 | | Carbanak/ FIN7 Crime Gang Threat Intel Advisory \| Threat Intelligence \| CloudSEK |
Details | Website | 2020-11-19 | 0 | | Genesis Marketplace, a Digital Fingerprint Darknet Store |
Details | Website | 2020-11-12 | 270 | | CRAT wants to plunder your endpoints |
Details | Website | 2020-11-05 | 60 | | Attacks on industrial enterprises using RMS and TeamViewer: new data |
Details | Website | 2020-11-01 | 8 | | A look into APT36's (Transparent Tribe) tradecraft |
Details | Website | 2020-10-02 | 338 | | Threat Roundup for September 25 to October 2 |
Details | Website | 2020-10-01 | 37 | | IPStorm Now Has a Linux Malware - Intezer |
Details | Website | 2020-09-29 | 198 | | Oil and Gas Industries in Middle East Targeted \| blog |
Details | Website | 2020-09-25 | 342 | | Threat Roundup for September 18 to September 25 |