attack.t1123 | Detection.FYI

Audio Capture via PowerShell
Apr 11, 2023 · attack.collection attack.t1123 ·
Share on:
Detects audio capture via PowerShell Cmdlet.

Read More
Audio Capture via SoundRecorder
Mar 5, 2023 · attack.collection attack.t1123 ·
Share on:
Detect attacker collecting audio via SoundRecorder application.

Read More
Audio Capture
Jan 10, 2023 · attack.collection attack.t1123 ·
Share on:
Detects attempts to record audio with arecord utility

Read More
Linux Capabilities Discovery
Dec 27, 2022 · attack.collection attack.privilege_escalation attack.t1123 attack.t1548 ·
Share on:
Detects attempts to discover the files with setuid/setgid capability on them. That would allow adversary to escalate their privileges.

Read More
Processes Accessing the Microphone and Webcam
Oct 25, 2022 · attack.collection attack.t1123 ·
Share on:
Potential adversaries accessing the microphone and webcam in an endpoint.

Read More
Suspicious Camera and Microphone Access
Oct 9, 2022 · attack.collection attack.t1125 attack.t1123 ·
Share on:
Detects Processes accessing the camera and microphone from suspicious folder

Read More