Common Information
Type | Value |
---|---|
Value | Screen Capture - T1513 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may use screen capture to collect additional information about a target device, such as applications running in the foreground, user data, credentials, or other sensitive information. Applications running in the background can capture screenshots or videos of another application running in the foreground by using the Android `MediaProjectionManager` (generally requires the device user to grant consent).(Citation: Fortinet screencap July 2019)(Citation: Android ScreenCap1 2019) Background applications can also use Android accessibility services to capture screen contents being displayed by a foreground application.(Citation: Lookout-Monokle) An adversary with root access or Android Debug Bridge (adb) access could call the Android `screencap` or `screenrecord` commands.(Citation: Android ScreenCap2 2019)(Citation: Trend Micro ScreenCap July 2015) |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2023-06-07 | 37 | NukeSped RAT Report - CYFIRMA | ||
Details | Website | 2023-06-02 | 384 | Threat Roundup for May 26 to June 2 | ||
Details | Website | 2023-06-01 | 18 | Do Not Cross The 'RedLine' Stealer: Detections and Analysis | ||
Details | Website | 2023-05-30 | 64 | Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals | ||
Details | Website | 2023-05-30 | 66 | Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals | ||
Details | Website | 2023-05-26 | 2 | Screencapture.app Virus on Mac – How to Remove It | ||
Details | Website | 2023-05-23 | 29 | Anomali Cyber Watch: CloudWizard Targets Both Sides in Ukraine, Camaro Dragon Trojanized TP-Link Firmware, RA Group Ransomware Copied Babuk | ||
Details | Website | 2023-05-19 | 42 | CapCut Users Under Fire | ||
Details | Website | 2023-05-05 | 352 | Threat Roundup for April 28 to May 5 | ||
Details | Website | 2023-05-04 | 0 | Vulnerability Management Maturity Model – Self-Assessment Tool (VMMM-SAT) | Jonathan Risto | SANS Institute | ||
Details | Website | 2023-04-29 | 2 | Google Adds New Cyber Security Tools & Features to ChromeOS | ||
Details | Website | 2023-04-28 | 300 | Threat Roundup for April 21 to April 28 | ||
Details | Website | 2023-04-28 | 476 | PENTESTING TOOLS AND PROCEDURE | ||
Details | Website | 2023-04-26 | 5 | Strolling through Cyberspace and Hunting for Phishing Sites - SANS Internet Storm Center | ||
Details | Website | 2023-04-25 | 48 | The Claws of Evilcode Gauntlet - XWorm RAT - Avira Blog | ||
Details | Website | 2023-04-25 | 54 | Anomali Cyber Watch: Two Supply-Chain Attacks Chained Together, Decoy Dog Stealthy DNS Communication, EvilExtractor Exfiltrates to FTP Server | ||
Details | Website | 2023-04-23 | 2 | Busted: Misconceptions on Insider Risk Programs | ||
Details | Website | 2023-04-10 | 12 | March 2023’s Most Wanted Malware: New Emotet Campaign Bypasses Microsoft Blocks to Distribute Malicious OneNote Files - Check Point Software | ||
Details | Website | 2023-04-05 | 0 | OBS now blocks rogue Windows DLL files, gets improved AV1 support on AMD and Nvidia | ||
Details | Website | 2023-04-04 | 5 | Out of Band NTLM Relay Using Outlook CVE-2023–23397 Vulnerability | ||
Details | Website | 2023-03-28 | 0 | Advanced Presistent Threat(APT) | ||
Details | Website | 2023-03-28 | 32 | Anomali Cyber Watch: Bitter Spies on Chinese Nuclear Energy, Kimsuky Takes Over Google Account to Infect Connected Android Devices, Bad Magic APT Targets Occupied Parts of Ukraine | ||
Details | Website | 2023-03-24 | 398 | Threat Roundup for March 17 to March 24 | ||
Details | Website | 2023-03-24 | 0 | The ‘Acropalypse,’ Chat GPT’s GPT-4, CISA 's Critical Infrastructure Advisories and More | ||
Details | Website | 2023-03-23 | 1 | The dangers of unmonitored community activities. |