Detections
Analytics
Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol (Windows)
Description
Adversaries may steal data by exfiltrating it over an un-encrypted network protocol other than that of the existing command and control channel.
Products, Sensors, and Dependencies
| Product | Dependencies | Data source | Access required | Protocol | Data Collected | Notes |
|---|---|---|---|---|---|---|
| Tenable Vulnerability Management | Advanced Network Scan | Windows machines | Authenticated Scan | OS Command | Computer Connectivity | Plugin ID: 64582 |
References
Attack Path Technique Details
Framework: MITRE ATT&CK
Family: Exfiltration
Technique: Exfiltration Over Alternative Protocol
Sub-Technique: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
Platform: Windows
Products Required: Tenable Vulnerability Management
Tenable Release Date: 2022 Q3 (GA)