Common Information
| Type | Value |
|---|---|
| Value |
Security Software Discovery - T1418.001 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may attempt to get a listing of security applications and configurations that are installed on a device. This may include things such as mobile security products. Adversaries may use the information from [Security Software Discovery](https://attack.mitre.org/techniques/T1418/001) during automated discovery to shape follow-on behaviors, including whether or not to fully infect the target and/or attempt specific actions. |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2020-06-16 | 61 | Cobalt: tactics and tools update | ||
| Details | Website | 2020-06-09 | 39 | RagnarLocker Ransomware Threatens to Release Confidential Information | McAfee Blog | ||
| Details | Website | 2020-05-21 | 108 | No “Game over” for the Winnti Group | WeLiveSecurity | ||
| Details | Website | 2020-05-09 | 29 | Lazarus group leverages Covid themed HWP Document | ||
| Details | Website | 2020-05-01 | 53 | Tales From the Trenches; a Lockbit Ransomware Story | McAfee Blog | ||
| Details | Website | 2020-04-29 | 83 | Compromised WordPress Sites Distribute Adwind RAT | blog | ||
| Details | Website | 2020-04-23 | 85 | Following ESET’s discovery, a Monero mining botnet is disrupted | WeLiveSecurity | ||
| Details | Website | 2020-03-05 | 125 | Guildma: The Devil drives electric | WeLiveSecurity | ||
| Details | Website | 2019-10-01 | 82 | Head Fake: Tackling Disruptive Ransomware Attacks | Mandiant | ||
| Details | Website | 2019-09-09 | 39 | ESET discovered an undocumented backdoor used by the infamous Stealth Falcon group | WeLiveSecurity | ||
| Details | Website | 2019-07-08 | 188 | Malicious campaign targets South Korean users with backdoor‑laced torrents | WeLiveSecurity |