open-menu
closeme
RDP Over Reverse SSH Tunnel
calendar
Mar 13, 2024
·
attack.command_and_control
attack.t1572
attack.lateral_movement
attack.t1021.001
car.2013-07-002
·
Share on:
twitter
facebook
linkedin
copy
Port Forwarding Activity Via SSH.EXE
calendar
Mar 11, 2024
·
attack.command_and_control
attack.lateral_movement
attack.t1572
attack.t1021.001
attack.t1021.004
·
Share on:
twitter
facebook
linkedin
copy
SSH over port 443 with known Server and Client Strings
calendar
Feb 23, 2024
·
attack.command_and_control
attack.t1572
·
Share on:
twitter
facebook
linkedin
copy
Communication To Ngrok Tunneling Service Initiated
calendar
Feb 12, 2024
·
attack.exfiltration
attack.command_and_control
attack.t1567
attack.t1568.002
attack.t1572
attack.t1090
attack.t1102
attack.s0508
·
Share on:
twitter
facebook
linkedin
copy
Potential RDP Tunneling Via Plink
calendar
Jan 29, 2024
·
attack.command_and_control
attack.t1572
·
Share on:
twitter
facebook
linkedin
copy
Potential RDP Tunneling Via SSH
calendar
Jan 29, 2024
·
attack.command_and_control
attack.t1572
·
Share on:
twitter
facebook
linkedin
copy
PUA - 3Proxy Execution
calendar
Jan 1, 2024
·
attack.command_and_control
attack.t1572
·
Share on:
twitter
facebook
linkedin
copy
Cloudflared Tunnel Connections Cleanup
calendar
Dec 21, 2023
·
attack.command_and_control
attack.t1102
attack.t1090
attack.t1572
·
Share on:
twitter
facebook
linkedin
copy
Cloudflared Tunnel Execution
calendar
Dec 21, 2023
·
attack.command_and_control
attack.t1102
attack.t1090
attack.t1572
·
Share on:
twitter
facebook
linkedin
copy
Communication To Ngrok Tunneling Service - Linux
calendar
Oct 17, 2023
·
attack.exfiltration
attack.command_and_control
attack.t1567
attack.t1568.002
attack.t1572
attack.t1090
attack.t1102
attack.s0508
·
Share on:
twitter
facebook
linkedin
copy
RDP to HTTP or HTTPS Target Ports
calendar
Oct 17, 2023
·
attack.command_and_control
attack.t1572
attack.lateral_movement
attack.t1021.001
car.2013-07-002
·
Share on:
twitter
facebook
linkedin
copy
Silence.EDA Detection
calendar
Apr 11, 2023
·
attack.execution
attack.t1059.001
attack.command_and_control
attack.t1071.004
attack.t1572
attack.impact
attack.t1529
attack.g0091
attack.s0363
·
Share on:
twitter
facebook
linkedin
copy
PUA - Ngrok Execution
calendar
Feb 21, 2023
·
attack.command_and_control
attack.t1572
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Plink Port Forwarding
calendar
Feb 5, 2023
·
attack.command_and_control
attack.t1572
attack.lateral_movement
attack.t1021.001
·
Share on:
twitter
facebook
linkedin
copy
to-top