Common Information
Type | Value |
---|---|
Value | Domain Account - T1136.002 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may create a domain account to maintain access to victim systems. Domain accounts are those managed by Active Directory Domain Services where access and permissions are configured across systems and services that are part of that domain. Domain accounts can cover user, administrator, and service accounts. With a sufficient level of access, the `net user /add /domain` command can be used to create a domain account.(Citation: Savill 1999) Such accounts may be used to establish secondary credentialed access that does not require persistent remote access tools to be deployed on the system. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-11-01 | 0 | 4 key strategies for school ransomware prevention and response | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | ||
Details | Website | 2024-11-01 | 39 | Dark Web Profile: Tropic Trooper (APT23) - SOCRadar® Cyber Intelligence Inc. | ||
Details | Website | 2024-10-25 | 6 | Cybersecurity News Review — Week 43 | ||
Details | Website | 2024-10-24 | 0 | 50,000 Files Exposed in Nidec Ransomware Attack | #ransomware | #cybercrime | National Cyber Security Consulting | ||
Details | Website | 2024-10-23 | 76 | Embargo ransomware: Rock’n’Rust | ||
Details | Website | 2024-10-21 | 0 | 50,000 Files Exposed in Nidec Ransomware Attack | ||
Details | Website | 2024-10-21 | 138 | Intro to Active Directory HTB-Academy | ||
Details | Website | 2024-10-16 | 108 | Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations | CISA | ||
Details | Website | 2024-10-09 | 2 | Enhancing AD Security Against Password Spraying Attacks | ||
Details | Website | 2024-10-01 | 41 | Building a Hands-on Active Directory Lab for Beginners | ||
Details | Website | 2024-09-23 | 0 | Significant hacktivist attacks launched against Russia | ||
Details | Website | 2024-09-12 | 6 | Active Directory Setup Guide: Installation and Configuration | ||
Details | Website | 2024-09-04 | 19 | Exploiting Exchange PowerShell After ProxyNotShell: Part 1 - MultiValuedProperty | ||
Details | Website | 2024-08-28 | 44 | BlackByte blends tried-and-true tradecraft with newly disclosed vulnerabilities to support ongoing attacks | ||
Details | Website | 2024-08-14 | 53 | SCCMSecrets.py: exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement | ||
Details | Website | 2024-07-02 | 5 | Pentesting results for 2023 | ||
Details | Website | 2024-07-01 | 9 | Tales From the Incident Response Cliff Face – Case Study 3 | ||
Details | Website | 2024-05-16 | 11 | Security Brief: Artificial Sweetener: SugarGh0st RAT Used to Target American Artificial Intelligence Experts | Proofpoint US | ||
Details | Website | 2024-04-24 | 2 | How to Secure Your Website: Top Tips From Enterprise Security Experts | ||
Details | Website | 2024-03-21 | 4 | Citrix ADC - Unexpected Treasure | ||
Details | Website | 2024-03-18 | 96 | Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks | ||
Details | Website | 2024-01-04 | 63 | Evaluating Yourself Using ATT&CK (APT3, Second Scenario) | ||
Details | Website | 2023-12-06 | 198 | Russia/Ukraine Update - December 2023 | ||
Details | Website | 2023-11-28 | 81 | Aki-RATs - Command and Control Party |