open-menu
closeme
Potential Data Exfiltration Via Curl.EXE
calendar
May 3, 2023
·
attack.exfiltration
attack.t1567
attack.t1105
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Curl File Upload - Linux
calendar
May 3, 2023
·
attack.exfiltration
attack.t1567
attack.t1105
·
Share on:
twitter
facebook
linkedin
copy
Tap Driver Installation
calendar
Apr 14, 2023
·
attack.exfiltration
attack.t1048
·
Share on:
twitter
facebook
linkedin
copy
Suspicious WebDav Client Execution
calendar
Apr 11, 2023
·
attack.exfiltration
attack.t1048.003
cve.2023.23397
·
Share on:
twitter
facebook
linkedin
copy
WebDav Client Execution
calendar
Mar 16, 2023
·
attack.exfiltration
attack.t1048.003
·
Share on:
twitter
facebook
linkedin
copy
Active Directory Structure Export Via Csvde.EXE
calendar
Mar 15, 2023
·
attack.exfiltration
·
Share on:
twitter
facebook
linkedin
copy
Active Directory Structure Export Via Ldifde.EXE
calendar
Mar 15, 2023
·
attack.exfiltration
·
Share on:
twitter
facebook
linkedin
copy
PUA - Rclone Execution
calendar
Mar 5, 2023
·
attack.exfiltration
attack.t1567.002
·
Share on:
twitter
facebook
linkedin
copy
Tap Installer Execution
calendar
Mar 5, 2023
·
attack.exfiltration
attack.t1048
·
Share on:
twitter
facebook
linkedin
copy
DNS Exfiltration and Tunneling Tools Execution
calendar
Feb 21, 2023
·
attack.exfiltration
attack.t1048.001
attack.command_and_control
attack.t1071.004
attack.t1132.001
·
Share on:
twitter
facebook
linkedin
copy
Email Exifiltration Via Powershell
calendar
Feb 21, 2023
·
attack.exfiltration
·
Share on:
twitter
facebook
linkedin
copy
Exports Critical Registry Keys To a File
calendar
Feb 21, 2023
·
attack.exfiltration
attack.t1012
·
Share on:
twitter
facebook
linkedin
copy
Copy from Admin Share
calendar
Feb 4, 2023
·
attack.lateral_movement
attack.collection
attack.exfiltration
attack.t1039
attack.t1048
attack.t1021.002
·
Share on:
twitter
facebook
linkedin
copy
Exports Registry Key To a File
calendar
Feb 3, 2023
·
attack.exfiltration
attack.t1012
·
Share on:
twitter
facebook
linkedin
copy
Suspicious PowerShell Mailbox Export to Share
calendar
Feb 3, 2023
·
attack.exfiltration
·
Share on:
twitter
facebook
linkedin
copy
Communication To Mega.nz
calendar
Feb 1, 2023
·
attack.exfiltration
attack.t1567.001
·
Share on:
twitter
facebook
linkedin
copy
Communication To Ngrok Tunneling Service
calendar
Feb 1, 2023
·
attack.exfiltration
attack.command_and_control
attack.t1567
attack.t1568.002
attack.t1572
attack.t1090
attack.t1102
attack.s0508
·
Share on:
twitter
facebook
linkedin
copy
Communication To Ngrok Tunneling Service - Linux
calendar
Feb 1, 2023
·
attack.exfiltration
attack.command_and_control
attack.t1567
attack.t1568.002
attack.t1572
attack.t1090
attack.t1102
attack.s0508
·
Share on:
twitter
facebook
linkedin
copy
Communication To Ngrok.Io
calendar
Feb 1, 2023
·
attack.exfiltration
attack.t1567.001
·
Share on:
twitter
facebook
linkedin
copy
DNS Query for Anonfiles.com Domain - DNS Client
calendar
Feb 1, 2023
·
attack.exfiltration
attack.t1567.002
·
Share on:
twitter
facebook
linkedin
copy
DNS Query for Anonfiles.com Domain - Sysmon
calendar
Feb 1, 2023
·
attack.exfiltration
attack.t1567.002
·
Share on:
twitter
facebook
linkedin
copy
DNS Query for MEGA.io Upload Domain - DNS Client
calendar
Feb 1, 2023
·
attack.exfiltration
attack.t1567.002
·
Share on:
twitter
facebook
linkedin
copy
DNS Query for Ufile.io Upload Domain - DNS Client
calendar
Feb 1, 2023
·
attack.exfiltration
attack.t1567.002
·
Share on:
twitter
facebook
linkedin
copy
Potential Data Exfiltration Via Audio File
calendar
Feb 1, 2023
·
attack.exfiltration
·
Share on:
twitter
facebook
linkedin
copy
Suspicious DNS Query with B64 Encoded String
calendar
Feb 1, 2023
·
attack.exfiltration
attack.t1048.003
attack.command_and_control
attack.t1071.004
·
Share on:
twitter
facebook
linkedin
copy
Suspicious PowerShell Mailbox Export to Share - PS
calendar
Feb 1, 2023
·
attack.exfiltration
·
Share on:
twitter
facebook
linkedin
copy
Suspicious PowerShell Mailbox SMTP Forward Rule
calendar
Feb 1, 2023
·
attack.exfiltration
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Windows Strings In URI
calendar
Feb 1, 2023
·
attack.persistence
attack.exfiltration
attack.t1505.003
·
Share on:
twitter
facebook
linkedin
copy
APT40 Dropbox Tool User Agent
calendar
Jan 31, 2023
·
attack.command_and_control
attack.t1071.001
attack.exfiltration
attack.t1567.002
·
Share on:
twitter
facebook
linkedin
copy
Rclone Activity via Proxy
calendar
Jan 31, 2023
·
attack.exfiltration
attack.t1567.002
·
Share on:
twitter
facebook
linkedin
copy
Powershell DNSExfiltration
calendar
Jan 27, 2023
·
attack.exfiltration
attack.t1048
·
Share on:
twitter
facebook
linkedin
copy
DNS Query for MEGA.io Upload Domain - Sysmon
calendar
Jan 17, 2023
·
attack.exfiltration
attack.t1567.002
·
Share on:
twitter
facebook
linkedin
copy
DNS Query for Ufile.io Upload Domain - Sysmon
calendar
Jan 17, 2023
·
attack.exfiltration
attack.t1567.002
·
Share on:
twitter
facebook
linkedin
copy
DNS TOR Proxies
calendar
Jan 12, 2023
·
attack.exfiltration
attack.t1048
·
Share on:
twitter
facebook
linkedin
copy
Data Exfiltration with Wget
calendar
Jan 10, 2023
·
attack.exfiltration
attack.t1048.003
·
Share on:
twitter
facebook
linkedin
copy
AWS Snapshot Backup Exfiltration
calendar
Jan 10, 2023
·
attack.exfiltration
attack.t1537
·
Share on:
twitter
facebook
linkedin
copy
Suspicious SQL Query
calendar
Jan 10, 2023
·
attack.exfiltration
attack.initial_access
attack.privilege_escalation
attack.t1190
attack.t1505.001
·
Share on:
twitter
facebook
linkedin
copy
Rclone SMB Share Exfiltration
calendar
Jan 8, 2023
·
attack.exfiltration
attack.t567.002
·
Share on:
twitter
facebook
linkedin
copy
DNS Query for Ufile.io Upload Domain
calendar
Jan 8, 2023
·
attack.exfiltration
attack.t1567.002
·
Share on:
twitter
facebook
linkedin
copy
Cisco Stage Data
calendar
Jan 4, 2023
·
attack.collection
attack.lateral_movement
attack.command_and_control
attack.exfiltration
attack.t1074
attack.t1105
attack.t1560.001
·
Share on:
twitter
facebook
linkedin
copy
Data Compressed - PowerShell
calendar
Jan 4, 2023
·
attack.exfiltration
attack.t1560
·
Share on:
twitter
facebook
linkedin
copy
Dnscat Execution
calendar
Jan 4, 2023
·
attack.exfiltration
attack.t1048
attack.execution
attack.t1059.001
·
Share on:
twitter
facebook
linkedin
copy
Powershell Exfiltration Over SMTP
calendar
Jan 4, 2023
·
attack.exfiltration
attack.t1048.003
·
Share on:
twitter
facebook
linkedin
copy
PowerShell ICMP Exfiltration
calendar
Jan 4, 2023
·
attack.exfiltration
attack.t1048.003
·
Share on:
twitter
facebook
linkedin
copy
Windows PowerShell Upload Web Request
calendar
Jan 4, 2023
·
attack.exfiltration
attack.t1020
·
Share on:
twitter
facebook
linkedin
copy
Tap Driver Installation - Security
calendar
Nov 30, 2022
·
attack.exfiltration
attack.t1048
·
Share on:
twitter
facebook
linkedin
copy
Split A File Into Pieces - Linux
calendar
Nov 29, 2022
·
attack.exfiltration
attack.t1030
·
Share on:
twitter
facebook
linkedin
copy
Exfiltration and Tunneling Tools Execution
calendar
Oct 28, 2022
·
attack.exfiltration
attack.command_and_control
attack.t1041
attack.t1572
attack.t1071.001
·
Share on:
twitter
facebook
linkedin
copy
LOLBAS Data Exfiltration by DataSvcUtil.exe
calendar
Oct 28, 2022
·
attack.exfiltration
attack.t1567
·
Share on:
twitter
facebook
linkedin
copy
Suspicious ConfigSecurityPolicy Execution
calendar
Oct 28, 2022
·
attack.exfiltration
attack.t1567
·
Share on:
twitter
facebook
linkedin
copy
««
«
1
2
»
»»
to-top