Investigating Data Leakage via External Storage Devices – Compass Security Blog
Tags
attack-pattern: Data Server - T1583.004 Server - T1584.004 Tool - T1588.002
Show in Graph
Common Information
Type Value
UUID b8808ad4-e48b-445e-98d3-ece0d9790111
Fingerprint 3451a87f3bf37d84
Analysis status DONE
Considered CTI value 0
Text language
Published April 26, 2019, midnight
Added to db Jan. 18, 2023, 8:22 p.m.
Last updated Nov. 17, 2024, 6:49 p.m.
Headline Investigating Data Leakage via External Storage Devices
Title Investigating Data Leakage via External Storage Devices – Compass Security Blog
Detected Hints/Tags/Attributes 23/1/8
Source URLs
Redirection Url
Details Source https://blog.compass-security.com/2019/04/investigating-data-leakage-via-external-storage-devices/
URL Provider
Details Provider Source level domain
Details compass-security.com blog.compass-security.com
Attributes
Details Type #Events CTI Value
Details Domain 170 
www.sans.org
Details Domain 281 
docs.microsoft.com
Details File 1 
secretgadgets.docx
Details File 1260 
explorer.exe
Details Url 1 
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/audit-policy-recommendations
Details Url 1 
https://www.sans.org/security-resources/posters
Details Url 1 
https://www.sans.org/security-resources/posters/dfir/windows-forensic-analysis-170
Details Url 4 
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon