Common Information
Type | Value |
---|---|
Value |
Screen Capture - T1513 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may use screen capture to collect additional information about a target device, such as applications running in the foreground, user data, credentials, or other sensitive information. Applications running in the background can capture screenshots or videos of another application running in the foreground by using the Android `MediaProjectionManager` (generally requires the device user to grant consent).(Citation: Fortinet screencap July 2019)(Citation: Android ScreenCap1 2019) Background applications can also use Android accessibility services to capture screen contents being displayed by a foreground application.(Citation: Lookout-Monokle) An adversary with root access or Android Debug Bridge (adb) access could call the Android `screencap` or `screenrecord` commands.(Citation: Android ScreenCap2 2019)(Citation: Trend Micro ScreenCap July 2015) |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2019-03-01 | 0 | Using Social Media, SEO in Tech Support Scams | ||
Details | Website | 2019-02-20 | 92 | Combing Through Brushaloader Amid Massive Detection Uptick | ||
Details | Website | 2019-01-11 | 0 | New in Windows Server 2019 networking: HTTP/2, Cubic, LEDBAT, DPDK, and Kubernetes | ||
Details | Website | 2019-01-08 | 1 | Disguised Adware Infect 9 Million Google Play Users | ||
Details | Website | 2019-01-03 | 84 | LOLbins and trojans: How the Ramnit Trojan spreads via sLoad in a cyberattack | ||
Details | Website | 2019-01-01 | 123 | The Mac Malware of 2018 | ||
Details | Website | 2018-12-24 | 73 | Let’s dig into Vidar – An Arkei Copycat/Forked Stealer (In-depth analysis) | ||
Details | Website | 2018-12-18 | 63 | Sofacy Creates New ‘Go’ Variant of Zebrocy Tool | ||
Details | Website | 2018-12-14 | 8 | Malicious Memes that Communicate with Malware | ||
Details | Website | 2018-12-14 | 6 | Malicious Memes that Communicate with Malware | ||
Details | Website | 2018-11-01 | 49 | Trickbot Shows Off New Trick: Password Grabber Module | ||
Details | Website | 2018-10-29 | 8 | New File Types Emerge in Malware Spam Attachments | ||
Details | Website | 2018-10-29 | 28 | New File Types Emerge in Malware Spam Attachments | ||
Details | Website | 2018-09-21 | 38 | ROKRAT is Back!! | ||
Details | Website | 2018-08-22 | 4 | Tshark Examples for Extracting IP Fields - Active Countermeasures | ||
Details | Website | 2018-08-15 | 0 | Version 1.2 Release - Active Countermeasures | ||
Details | Website | 2018-06-28 | 4 | New Noteworthy Changes to Necurs’ Behaviors | ||
Details | Website | 2018-06-24 | 5 | Powershell-RAT - Gmail Exfiltration RAT - Darknet - Hacking Tools, Hacker News & Cyber Security | ||
Details | Website | 2018-06-09 | 3 | Hacking and securing the iPhone, iPad and iPod Touch - Privacy PC | ||
Details | Website | 2018-06-04 | 0 | — | ||
Details | Website | 2018-05-24 | 1 | Android OS Didn’t use FLAG_SECURE for Sensitive Settings [CVE-2017-13243] | ||
Details | Website | 2018-05-09 | 23 | Analysis of CVE-2018-8174 VBScript 0day and APT actor related to Office targeted attack | ||
Details | Website | 2018-05-08 | 0 | Condusiv V-locity v7: I/O reduction and optimization for your virtual machines | ||
Details | Website | 2018-05-04 | 11 | Who Moved My Pixels?! | ||
Details | Website | 2018-04-26 | 4 | Necurs Evades Detection via Internet Shortcut File |