Common Information
Type | Value |
---|---|
Value | Screen Capture - T1513 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may use screen capture to collect additional information about a target device, such as applications running in the foreground, user data, credentials, or other sensitive information. Applications running in the background can capture screenshots or videos of another application running in the foreground by using the Android `MediaProjectionManager` (generally requires the device user to grant consent).(Citation: Fortinet screencap July 2019)(Citation: Android ScreenCap1 2019) Background applications can also use Android accessibility services to capture screen contents being displayed by a foreground application.(Citation: Lookout-Monokle) An adversary with root access or Android Debug Bridge (adb) access could call the Android `screencap` or `screenrecord` commands.(Citation: Android ScreenCap2 2019)(Citation: Trend Micro ScreenCap July 2015) |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-10-19 | 1 | Firejail: Your First Line of Defense for Linux Application Security | ||
Details | Website | 2024-10-15 | 0 | New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT | ||
Details | Website | 2024-10-15 | 0 | New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT - RedPacket Security | ||
Details | Website | 2024-10-14 | 1 | TrickMo Malware Attacking Android Devices To Steal Unlock Patterns And PINs | ||
Details | Website | 2024-10-14 | 55 | Hidden In Plain Sight: How ErrorFather Deploys Cerberus To Amplify Cyber Threats | ||
Details | Website | 2024-10-14 | 1 | Lab 3: The Hunt for Lost Files — Adventures in File Recovery | ||
Details | Website | 2024-10-11 | 30 | Expanding the Investigation: Deep Dive into Latest TrickMo Samples | ||
Details | Website | 2024-10-11 | 30 | Expanding the Investigation: Deep Dive into Latest TrickMo Samples - Zimperium | ||
Details | Website | 2024-10-10 | 29 | Technical Analysis of DarkVision RAT | ||
Details | Website | 2024-10-10 | 36 | Technical Analysis of DarkVision RAT | ||
Details | Website | 2024-10-10 | 33 | Malware by the (Bit)Bucket: Uncovering AsyncRAT | ||
Details | Website | 2024-10-10 | 26 | Monthly Threat Actor Group Intelligence Report, August 2024 (KOR) | ||
Details | Website | 2024-10-10 | 26 | Monthly Threat Actor Group Intelligence Report, July 2024 (ENG) – Red Alert | ||
Details | Website | 2024-10-10 | 26 | Monthly Threat Actor Group Intelligence Report, August 2024 (KOR) – Red Alert | ||
Details | Website | 2024-10-10 | 18 | Technical Analysis of DarkVision RAT | ||
Details | Website | 2024-10-09 | 0 | ISM’s Guidelines for Enterprise Mobility - Zimperium | ||
Details | Website | 2024-10-04 | 100 | Агент SIEM используется в атаках SilentCryptoMiner | ||
Details | Website | 2024-10-04 | 100 | SIEM agent being used in SilentCryptoMiner attacks | ||
Details | Website | 2024-10-01 | 9 | Detecting Vulnerability Scanning Traffic From Underground Tools Using Machine Learning | ||
Details | Website | 2024-10-01 | 153 | LightSpy: Implant for iOS | ||
Details | Website | 2024-09-27 | 58 | OSINT Investigation: Hunting Malicious Infrastructure Linked to Transparent Tribe - CYFIRMA | ||
Details | Website | 2024-09-26 | 5 | China-linked APT group Salt Typhoon compromised some US ISPs | ||
Details | Website | 2024-09-23 | 728 | US-CERT Vulnerability Summary for the Week of September 16, 2024 - RedPacket Security | ||
Details | Website | 2024-09-17 | 0 | iOS 18 and iPadOS 18: Apple Intelligence and Enterprise Features | ||
Details | Website | 2024-09-10 | 28 | Retail Targeted Campaigns—Domain Fraud, Brand Impersonation, and Ponzi Schemes, oh my! - DomainTools \| Start Here. Know Now. | ||