Common Information
Type | Value |
---|---|
Value | Screen Capture - T1513 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may use screen capture to collect additional information about a target device, such as applications running in the foreground, user data, credentials, or other sensitive information. Applications running in the background can capture screenshots or videos of another application running in the foreground by using the Android `MediaProjectionManager` (generally requires the device user to grant consent).(Citation: Fortinet screencap July 2019)(Citation: Android ScreenCap1 2019) Background applications can also use Android accessibility services to capture screen contents being displayed by a foreground application.(Citation: Lookout-Monokle) An adversary with root access or Android Debug Bridge (adb) access could call the Android `screencap` or `screenrecord` commands.(Citation: Android ScreenCap2 2019)(Citation: Trend Micro ScreenCap July 2015) |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-09-09 | 22 | Dive into Sigma Correlation Rules | ||
Details | Website | 2024-09-07 | 2 | Why Polarity & ThreatConnect? | ThreatConnect | ||
Details | Website | 2024-09-02 | 15 | CYFIRMA RESEARCH : POWERSHELL KEYLOGGER - CYFIRMA | ||
Details | Website | 2024-08-29 | 24 | Monthly Threat Actor Group Intelligence Report, July 2024 (KOR) – Red Alert | ||
Details | Website | 2024-08-27 | 3 | AutoIT Bot Targets Gmail Accounts First | SonicWall | ||
Details | Website | 2024-08-27 | 77 | LightSpy: Implant for macOS | ||
Details | Website | 2024-08-22 | 134 | Technical Analysis of Copybara | ||
Details | Website | 2024-08-14 | 6 | PrestaShop GTAG Websocket Skimmer | ||
Details | Website | 2024-08-13 | 7 | Kaspersky report on APT trends in Q2 2024 | ||
Details | Website | 2024-08-12 | 0 | Remexi Backdoor | ||
Details | Website | 2024-08-09 | 0 | Weekly Cyber Threat Intelligence Summary | ||
Details | Website | 2024-08-05 | 65 | LianSpy: Android spyware leveraging Yandex Disk as C2 | ||
Details | Website | 2024-08-01 | 34 | BlankBot - a new Android banking trojan with screen recording,… | ||
Details | Website | 2024-08-01 | 47 | BITS and Bytes: Analyzing BITSLOTH, a newly identified backdoor — Elastic Security Labs | ||
Details | Website | 2024-07-25 | 59 | How APT groups operate in Southeast Asia | ||
Details | Website | 2024-07-17 | 9 | Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution | ||
Details | Website | 2024-07-15 | 42 | CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks | ||
Details | Website | 2024-07-12 | 0 | RAT Catchers - What are We Up Against? - Packt SecPro | ||
Details | Website | 2024-07-01 | 62 | Kimsuky deploys TRANSLATEXT to target South Korean academia | ||
Details | Website | 2024-06-27 | 0 | Recovering from a MITRE hangover | ||
Details | Website | 2024-06-25 | 47 | How to detect the modular RAT CSHARP-STREAMER | ||
Details | Website | 2024-06-19 | 172 | Behind the Great Wall Void Arachne Targets Chinese-Speaking Users With the Winos 4.0 CC Framework | ||
Details | Website | 2024-06-12 | 27 | Dipping into Danger: The WARMCOOKIE backdoor — Elastic Security Labs | ||
Details | Website | 2024-06-10 | 86 | Technical Analysis of the Latest Variant of ValleyRAT | ||
Details | Website | 2024-05-15 | 45 | To the Moon and back(doors): Lunar landing in diplomatic missions |