GSPBC-1071 Exfiltration - Exfiltration Over Web Service - GuardSight, Cybersecurity as a Service

GSPBC-1071 Exfiltration – Exfiltration Over Web Service

Exfiltration Over Web Service

Adversaries may use an existing, legitimate external Web service to exfiltrate data rather than their primary command and control channel. Popular Web services acting as an exfiltration mechanism may give a significant amount of cover due to the likelihood that hosts within a network are already communicating with them prior to compromise. Firewall rules may also already exist to permit traffic to these services.

Web service providers also commonly use SSL/TLS encryption, giving adversaries an added level of protection.

Source:
https://attack.mitre.org/techniques/T1567

Back to Playbook Battle Cards

See Playbook Battle Cards on GitHub

Katherine Kostreva2023-08-15T16:00:35+00:00

Free Playbook Battle Cards

Join our newsletter to stay up to date on the latest industry trends, cybersecurity tools, and resources.

Experiencing a breach? Get in touch.

Free Playbook Battle Cards

Join our newsletter to stay up to date on the latest industry trends, cybersecurity tools, and resources.

Experiencing a breach? Get in touch.

GuardSight, Inc.
755 S. Main St., 4-137
Cedar City, UT 84720
info@guardsight.com
844-482-7374