attack.t1123

Dec 8, 2025 · attack.collection attack.t1123 ·

Detects attempts to record audio using the arecord and ecasound utilities.

Feb 3, 2025 · attack.collection attack.t1123 ·

Detects instances where an SIP service on an OpenCanary node has had a SIP request.

Aug 12, 2024 · attack.collection attack.t1123 ·

Detects audio capture via PowerShell Cmdlet.

Aug 12, 2024 · attack.collection attack.t1123 ·

Detect attacker collecting audio via SoundRecorder application.

Aug 12, 2024 · attack.collection attack.t1123 ·

Potential adversaries accessing the microphone and webcam in an endpoint.

Detects Processes accessing the camera and microphone from suspicious folder