ioc[.]one - OSINT Cyber Threat Intelligence Database

A guide to threat hunting and monitoring in Snowflake | Datadog Security Labs

Tags

cmtmf-attack-pattern:

attack-pattern:

Data Model Credentials - T1589.001 Data From Cloud Storage - T1530 Domain Or Tenant Policy Modification - T1484 Exfiltration Over Web Service - T1567 Ip Addresses - T1590.005 Multi-Factor Authentication - T1556.006 Server - T1583.004 Server - T1584.004 Steal Application Access Token - T1528 Steal Application Access Token - T1635 Tool - T1588.002 Account Manipulation - T1098 Brute Force - T1110 Connection Proxy - T1090 Valid Accounts - T1078 Trusted Relationship - T1199 Valid Accounts

Show in Graph

Common Information

Type	Value
UUID	0028276a-8ace-4ca3-8b82-134703a935ee
Fingerprint	2f1bdb97bd224805
Analysis status	DONE
Considered CTI value	2
Text language
Published	June 7, 2024, midnight
Added to db	Aug. 31, 2024, 8:18 a.m.
Last updated	Nov. 17, 2024, 6:56 p.m.
Headline	A guide to threat hunting and monitoring in Snowflake
Title	A guide to threat hunting and monitoring in Snowflake \| Datadog Security Labs
Detected Hints/Tags/Attributes	63/2/76

Source URLs

	Redirection	Url
Details	Source	https://securitylabs.datadoghq.com/articles/a-guide-to-threat-hunting-and-monitoring-in-snowflake/

URL Provider

Details	Provider	Source level domain
Details	datadoghq.com	securitylabs.datadoghq.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	230	✔	Datadog Security Labs	https://securitylabs.datadoghq.com/rss/feed.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	File	1	account_usage.log
Details	File	1	account_usage.dat
Details	IPv4	2	104.223.91.28
Details	IPv4	2	198.54.135.99
Details	IPv4	2	184.147.100.29
Details	IPv4	2	146.70.117.210
Details	IPv4	2	198.54.130.153
Details	IPv4	2	169.150.203.22
Details	IPv4	2	185.156.46.163
Details	IPv4	2	146.70.171.99
Details	IPv4	2	206.217.206.108
Details	IPv4	2	45.86.221.146
Details	IPv4	2	193.32.126.233
Details	IPv4	2	87.249.134.11
Details	IPv4	2	66.115.189.247
Details	IPv4	2	104.129.24.124
Details	IPv4	2	146.70.171.112
Details	IPv4	2	198.54.135.67
Details	IPv4	2	146.70.124.216
Details	IPv4	2	45.134.142.200
Details	IPv4	2	206.217.205.49
Details	IPv4	2	146.70.117.56
Details	IPv4	2	169.150.201.25
Details	IPv4	2	66.63.167.147
Details	IPv4	2	194.230.144.126
Details	IPv4	2	146.70.165.227
Details	IPv4	2	154.47.30.137
Details	IPv4	2	154.47.30.150
Details	IPv4	2	96.44.191.140
Details	IPv4	2	146.70.166.176
Details	IPv4	2	198.44.136.56
Details	IPv4	2	176.123.6.193
Details	IPv4	2	192.252.212.60
Details	IPv4	2	173.44.63.112
Details	IPv4	2	37.19.210.34
Details	IPv4	3	37.19.210.21
Details	IPv4	2	185.213.155.241
Details	IPv4	2	198.44.136.82
Details	IPv4	2	93.115.0.49
Details	IPv4	2	204.152.216.105
Details	IPv4	2	198.44.129.82
Details	IPv4	2	185.248.85.59
Details	IPv4	2	198.54.131.152
Details	IPv4	2	102.165.16.161
Details	IPv4	2	185.156.46.144
Details	IPv4	2	45.134.140.144
Details	IPv4	2	198.54.135.35
Details	IPv4	2	176.123.3.132
Details	IPv4	2	185.248.85.14
Details	IPv4	2	169.150.223.208
Details	IPv4	2	162.33.177.32
Details	IPv4	2	194.230.145.67
Details	IPv4	2	5.47.87.202
Details	IPv4	2	194.230.160.5
Details	IPv4	2	194.230.147.127
Details	IPv4	2	176.220.186.152
Details	IPv4	2	194.230.160.237
Details	IPv4	2	194.230.158.178
Details	IPv4	2	194.230.145.76
Details	IPv4	2	45.155.91.99
Details	IPv4	2	194.230.158.107
Details	IPv4	2	194.230.148.99
Details	IPv4	2	194.230.144.50
Details	IPv4	2	185.204.1.178
Details	IPv4	2	79.127.217.44
Details	IPv4	2	104.129.24.115
Details	IPv4	2	146.70.119.24
Details	IPv4	2	138.199.34.144
Details	MITRE ATT&CK Techniques	306	T1078
Details	MITRE ATT&CK Techniques	52	T1199
Details	MITRE ATT&CK Techniques	39	T1484
Details	MITRE ATT&CK Techniques	112	T1098
Details	MITRE ATT&CK Techniques	40	T1528
Details	MITRE ATT&CK Techniques	125	T1110
Details	MITRE ATT&CK Techniques	19	T1530
Details	MITRE ATT&CK Techniques	126	T1567