timb-machine
Area
Breach reports
Parent threat
Reconnaissance, Initial Access, Persistence, Defense Evasion, Discovery, Collection, Impact
Finding
https://permiso.io/blog/s/unmasking-guivil-new-cloud-threat-actor/
Industry reference
attack:T1593:Search Open Websites/Domains
attack:T1190:Exploit Public-Facing Application
attack:T1078.004:Cloud Accounts
attack:T1526:Cloud Service Discovery
attack:T1619:Cloud Storage Object Discovery
attack:T1069:Permission Groups Discovery
attack:T1069.003:Cloud Groups
attack:T1602:Data from Configuration Repository
attack:T1213.003:Code Repositories
attack:T1098:Account Manipulation
attack:T1098.003:Additional Cloud Roles
attack:T1136:Create Account
attack:T1136.003:Cloud Account
attack:T1036:Masquerading
attack:T1021.004:SSH
attack:T1578:Modify Cloud Compute Infrastructure
attack:T1578.002:Create Cloud Instance
attack:T1525:Implant Internal Image
attack:T1496:Resource Hijacking
Malware reference
No response
Actor reference
GUI-vil
Component
Linux, Hosting
Scenario
Cloud hosted services