Detections
Analytics
Exploitation of Remote Services
Description
Adversaries may steal data by exfiltrating it over an un-encrypted network protocol other than that of the existing command and control channel.
Products, Sensors, and Dependencies
| Product | Dependencies | Data source | Access required | Protocol | Data Collected | Notes |
|---|---|---|---|---|---|---|
| Tenable Vulnerability Management | Advanced Network Scan | Windows machines | Unauthenticated or Authenticated Scan | Any | Vulnerabilities | |
| Tenable Vulnerability Management | Advanced Network Scan | Windows machines | Authenticated Scan | OS Command | Computer Connectivity | |
| Tenable Vulnerability Management | Advanced Network Scan | Windows machines | Unauthenticated or Authenticated Scan | Any | Vulnerabilities | |
| Tenable Vulnerability Management | Advanced Network Scan | Windows machines | Authenticated Scan | OS Command | Computer Connectivity |
References
Attack Path Technique Details
Framework: MITRE ATT&CK
Family: Lateral Movement
Technique: Exploitation of Remote Services
Products Required: Tenable Vulnerability Management