Common Information
Type | Value |
---|---|
Value | Web Protocols - T1437.001 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may communicate using application layer protocols associated with web protocol traffic to avoid detection/network filtering by blending in with existing traffic. Commands to remote mobile devices, and often the results of those commands, will be embedded within the protocol traffic between the mobile client and server. Web protocols such as HTTP and HTTPS are used for web traffic as well as notification services native to mobile messaging services, such as Google Cloud Messaging (GCM) and, more recently, Firebase Cloud Messaging (FCM) (GCM/FCM: two-way communication), and Apple Push Notification Service (APNS; one-way server-to-device). Such notification services leverage HTTP/S via the respective API and are commonly abused on Android and iOS respectively in order to blend in with routine device traffic, making it difficult for enterprises to inspect. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-11-16 | 90 | From Royal to BlackSuit: Understanding the Tactics and Impact of a Sophisticated Ransomware Strain | #ransomware | #cybercrime | National Cyber Security Consulting | ||
Details | Website | 2024-11-15 | 38 | Dark Web Profile: Cadet Blizzard | ||
Details | Website | 2024-11-15 | 33 | DONOT's Attack On Maritime & Defense Manufacturing | ||
Details | Website | 2024-11-13 | 24 | Lessons from a Honeypot with US Citizens’ Data | ||
Details | Website | 2024-11-12 | 26 | Dissecting A Multi-Stage PowerShell Campaign Using Chisel | ||
Details | Website | 2024-11-08 | 35 | Life on a crooked RedLine: Analyzing the infamous infostealer’s backend | ||
Details | Website | 2024-11-07 | 7 | Mapping CTF Techniques to the MITRE ATT&CK Framework: TryHack3M: Bricks Heist | ||
Details | Website | 2024-11-07 | 114 | Detailed Analysis of TheftCalls: Impersonating Frequently Used Korean Apps | ||
Details | Website | 2024-11-07 | 66 | European diplomats targeted by APT29 (Cozy Bear) with WINELOADER | ||
Details | Website | 2024-11-07 | 33 | Malicious Inauthentic Falcon Crash Reporter Installer Delivers Malware Named Ciro | ||
Details | Website | 2024-11-05 | 7 | Inside Iran's Cyber Playbook: AI, Fake Hosting, and Psychological Warfare - CyberSRC | ||
Details | Website | 2024-11-04 | 57 | Threat Intelligence Report October 29 - November 4 2024 | Red Piranha | ||
Details | Website | 2024-11-04 | 24 | From Pyongyang to Your Payroll: The Rise of North Korean Remote Workers in the West | ||
Details | Website | 2024-11-01 | 39 | Dark Web Profile: Tropic Trooper (APT23) - SOCRadar® Cyber Intelligence Inc. | ||
Details | Website | 2024-11-01 | 62 | Weekly Intelligence Report - 01 Nov 2024 | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | ||
Details | Website | 2024-10-30 | 379 | Analyzing the You Dun Attack Group via Directory Browsing - Anquanke - Security News Platform | ||
Details | Website | 2024-10-30 | 28 | Attacker Abuses Victim Resources to Reap Rewards from Titan Network | ||
Details | Website | 2024-10-29 | 19 | Ransomware: Kill Security | ||
Details | Website | 2024-10-28 | 376 | Inside the Open Directory of the “You Dun” Threat Group | ||
Details | Website | 2024-10-26 | 0 | Top 10 Programming Languages For Cyber Security | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | ||
Details | Website | 2024-10-24 | 221 | Operation Cobalt Whisper Targets Industries in Hong Kong and Pakistan | ||
Details | Website | 2024-10-23 | 44 | Highlighting TA866/Asylum Ambuscade Activity Since 2021 | ||
Details | Website | 2024-10-22 | 13 | Using gRPC and HTTP/2 for Cryptominer Deployment: An Unconventional Approach | ||
Details | Website | 2024-10-18 | 12 | The Mobile Malware Chronicles: Necro.N – Volume 101 | ||
Details | Website | 2024-10-18 | 12 | The Mobile Malware Chronicles: Necro.N - Volume 101 - Zimperium |