Common Information
Type | Value |
---|---|
Value | File Transfer Protocols - T1071.002 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may communicate using application layer protocols associated with transferring files to avoid detection/network filtering by blending in with existing traffic. Commands to the remote system, and often the results of those commands, will be embedded within the protocol traffic between the client and server. Protocols such as SMB (Citation: US-CERT TA18-074A), FTP (Citation: ESET Machete July 2019), FTPS, and TFTP that transfer files may be very common in environments. Packets produced from these protocols may have many fields and headers in which data can be concealed. Data could also be concealed within the transferred files. An adversary may abuse these protocols to communicate with systems under their control within a victim network while also mimicking normal, expected traffic. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-11-11 | 0 | 🚨 Amazon Confirms Data Breach: What It Means for Employee Security and Penetration Testing 🚨 | ||
Details | Website | 2024-11-04 | 24 | From Pyongyang to Your Payroll: The Rise of North Korean Remote Workers in the West | ||
Details | Website | 2024-10-16 | 4 | The Only Guide to SFTP That You Need: Secure File Transfers, Simplified | ||
Details | Website | 2024-07-23 | 143 | The tap-estry of threats targeting Hamster Kombat players | ||
Details | Website | 2023-11-28 | 81 | Aki-RATs - Command and Control Party | ||
Details | Website | 2023-10-23 | 273 | Red Team Tools | ||
Details | Website | 2023-09-18 | 18 | Coverage Advisory for CVE-2023-34362 MOVEit Transfer Vulnerabilities | ||
Details | Website | 2023-08-13 | 69 | MoustachedBouncer: Belarus-Linked threat group exploit ISPs for AiTM attacks | ||
Details | Website | 2023-08-07 | 21 | Some common interview questions for SOC Analyst positions | ||
Details | Website | 2023-07-27 | 117 | Healthcare Threat Landscape 2022-2023: Common TTPs Used by Top Ransomware Groups Targeting the Healthcare Sector | ||
Details | Website | 2023-07-25 | 6 | APT Profile: Kimsuky - SOCRadar® Cyber Intelligence Inc. | ||
Details | Website | 2023-07-17 | 0 | Everything About the Attack on MOVEit and its Customers | ||
Details | Website | 2023-06-16 | 0 | Latest CISA Directive Highlights Importance of Attack Surface Visibility | ||
Details | Website | 2023-06-14 | 23 | Understanding Ransomware Threat Actors: LockBit – Cyber Safe NV | ||
Details | Website | 2023-06-06 | 8 | Cl0p ransomware gang claims first victims of the MOVEit vulnerability | ||
Details | Website | 2023-06-02 | 8 | Update now! MOVEit Transfer vulnerability actively exploited | ||
Details | Website | 2023-05-16 | 2 | Protecting Your Business Against Cyber Threats: Best Practices and Strategies | ||
Details | Website | 2023-03-16 | 51 | #StopRansomware: LockBit 3.0 \| CISA | ||
Details | Website | 2023-03-15 | 1 | 5 Ways to Ensure Compliance and Data Security in a Hybrid Workplace | ||
Details | Website | 2023-02-28 | 44 | CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks \| CISA | ||
Details | Website | 2022-10-18 | 15 | The security risk of M&A: Are Chinese cyber threats lurking in legacy infrastructure? | ||
Details | Website | 2022-10-11 | 97 | POLONIUM targets Israel with Creepy malware \| WeLiveSecurity | ||
Details | Website | 2022-09-27 | 0 | Wait a Minute! There's More Than One Type of (Security) Sandbox? \| Zscaler | ||
Details | Website | 2022-09-14 | 2 | CVE-2021-44076: Cross-Site Scripting (XSS) in CrushFTP | ||
Details | Website | 2022-09-14 | 53 | DPRK Job Opportunity Phishing via WhatsApp \| PuTTY Utility |