Open timb-machine opened 1 year ago
Area
Malware reports
Parent threat
Reconnaissance, Initial Access, Execution, Persistence, Defense Evasion, Credential Access, Discovery, Command and Control, Impact
Finding
https://blog.aquasec.com/threat-alert-anatomy-of-silentbobs-cloud-attack
Industry reference
attack:T1525:Implant Internal Image attack:T1595:Active Scanning attack:T1496:Resource Hijacking attack:T1613:Container and Resource Discovery attack:T1190:Exploit Public-Facing Application attack:T1059:Command and Scripting Interpreter attack:T1610:Deploy Container attack:T1222:File and Directory Permissions Modification attack:T1036:Masquerading attack:T1132:Data Encoding attack:T1552.005:Cloud Instance Metadata API attack:T1082:System Information Discovery attack:T1071.001:Web Protocols attack:T1090.003:Multi-hop Proxy
Malware reference
Tsunami
Actor reference
TeamTNT
Component
Linux
Scenario
No response