Common Information
| Type | Value |
|---|---|
| Value |
Business Relationships - T1591.002 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may gather information about the victim's business relationships that can be used during targeting. Information about an organization’s business relationships may include a variety of details, including second or third-party organizations/domains (ex: managed service providers, contractors, etc.) that have connected (and potentially elevated) network access. This information may also reveal supply chains and shipment paths for the victim’s hardware and software resources. Adversaries may gather this information in various ways, such as direct elicitation via [Phishing for Information](https://attack.mitre.org/techniques/T1598). Information about business relationships may also be exposed to adversaries via online or other accessible data sets (ex: [Social Media](https://attack.mitre.org/techniques/T1593/001) or [Search Victim-Owned Websites](https://attack.mitre.org/techniques/T1594)).(Citation: ThreatPost Broadvoice Leak) Gathering this information may reveal opportunities for other forms of reconnaissance (ex: [Phishing for Information](https://attack.mitre.org/techniques/T1598) or [Search Open Websites/Domains](https://attack.mitre.org/techniques/T1593)), establishing operational resources (ex: [Establish Accounts](https://attack.mitre.org/techniques/T1585) or [Compromise Accounts](https://attack.mitre.org/techniques/T1586)), and/or initial access (ex: [Supply Chain Compromise](https://attack.mitre.org/techniques/T1195), [Drive-by Compromise](https://attack.mitre.org/techniques/T1189), or [Trusted Relationship](https://attack.mitre.org/techniques/T1199)). |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2024-11-15 | 2 | Supply Chain Security: The Backdoor That’s Leaving Your Business Wide Open | ||
| Details | Website | 2024-11-13 | 7 | New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration - CyberSRC | ||
| Details | Website | 2024-11-11 | 2 | The Hidden Costs of API Breaches: Quantifying the Long-Term Business Impact | ||
| Details | Website | 2024-11-07 | 2 | Texas Data Privacy and Security Act (TDPSA) | ||
| Details | Website | 2024-11-07 | 0 | Securing SMBs in a Cloud-Driven World: Best Practices for Cost-Effective Digital Hygiene Through Verified Authentication | ||
| Details | Website | 2024-11-05 | 2 | SWIFT | ||
| Details | Website | 2024-11-04 | 0 | Android RAT Tool, Asus Taiwan Access, and Palo Alto Exploit Detected on Dark Web - SOCRadar® Cyber Intelligence Inc. | ||
| Details | Website | 2024-11-04 | 2 | Android RAT Tool, Asus Taiwan Access, and Palo Alto Exploit Detected on Dark Web | ||
| Details | Website | 2024-11-04 | 2 | Handling Cross-Border Cybersecurity Breaches: US-India Legal Considerations | ||
| Details | Website | 2024-11-01 | 0 | Protecting the Healthcare Supply Chain Against Russian Ransomware | #ransomware | #cybercrime | National Cyber Security Consulting | ||
| Details | Website | 2024-10-30 | 46 | 6,000+ WordPress Sites Compromised: The Threat of ClickFix Malware. (Research & Proposed Solution) | ||
| Details | Website | 2024-10-30 | 46 | 6,000+ WordPress Sites Compromised: The Threat of ClickFix Malware. (Complete Research) | ||
| Details | Website | 2024-10-26 | 6 | The Future Of Work And Advanced VPN Adoption | ||
| Details | Website | 2024-10-24 | 0 | THE FORGE FROM A CYBERSECURITY PERSPECTIVE. | ||
| Details | Website | 2024-10-23 | 44 | Highlighting TA866/Asylum Ambuscade Activity Since 2021 | ||
| Details | Website | 2024-10-19 | 4 | Email Verification And Risk Management | ||
| Details | Website | 2024-10-17 | 0 | Why is Cyber Incident Reporting Important? | ||
| Details | Website | 2024-10-16 | 4 | At Nearly $1 Billion Global Impact, the Best Cloud Security Couldn’t Stop This Hybrid Attack Path. Lesson: Map and Close Viable Attack Paths Before Breaches Begin. | ||
| Details | Website | 2024-10-16 | 2 | There is no magic roadmap | ||
| Details | Website | 2024-10-13 | 0 | Leveraging Generative AI and AI Agents for Supplier Risk and Cybersecurity | ||
| Details | Website | 2024-10-11 | 3 | Enhancing Client Trust through Secure Document Handling with Black Vault | ||
| Details | Website | 2024-10-11 | 0 | A Beginner’s Guide to Cybersecurity for Global Enterprises | ||
| Details | Website | 2024-10-11 | 0 | CYBERSECURITY: A CORNERSTONE OF DIGITAL NATION | ||
| Details | Website | 2024-10-10 | 1 | Cyber Signals Issue 8 | Education under siege: How cybercriminals target our schools | ||
| Details | Website | 2024-10-10 | 1 | Cyber Signals: Cyberthreats in K-12 and higher education | Microsoft Security Blog |