We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Malware reports
Reconnaissance, Initial Access, Persistence, Privilege Escalation, Defense Evasion
https://www.cadosecurity.com/updates-to-legion-a-cloud-credential-harvester-and-smtp-hijacker/
attack:T1594:Search Victim-Owned Websites attack:T1589:Gather Victim Identity Information attack:T1589.001:Credentials attack:T1133:External Remote Services attack:T1078:Valid Accounts
Legion wltm
No response
Linux
Cloud hosted services
The text was updated successfully, but these errors were encountered:
timb-machine
No branches or pull requests
Area
Malware reports
Parent threat
Reconnaissance, Initial Access, Persistence, Privilege Escalation, Defense Evasion
Finding
https://www.cadosecurity.com/updates-to-legion-a-cloud-credential-harvester-and-smtp-hijacker/
Industry reference
attack:T1594:Search Victim-Owned Websites
attack:T1589:Gather Victim Identity Information
attack:T1589.001:Credentials
attack:T1133:External Remote Services
attack:T1078:Valid Accounts
Malware reference
Legion
wltm
Actor reference
No response
Component
Linux
Scenario
Cloud hosted services
The text was updated successfully, but these errors were encountered: