ATT&CK 기법 · Exfiltration
Exfiltration Over Web Service T1567
이 기법을 다룬 REVELARE 한국어 위협 분석 5편 · Exfiltration
이 기법을 다룬 분석
MITRE 공식 정의
Adversaries may use an existing, legitimate external Web service to exfiltrate data rather than their primary command and control channel. Popular Web services acting as an exfiltration mechanism may give a significant amount of cover due to the likelihood that hosts within a network are already communicating with them prior to compromise. Firewall rules may also already exist to permit traffic to these services. Web service providers also commonly use SSL/TLS encryption, gi…
플랫폼: ESXi, Linux, macOS, Office Suite, SaaS, Windows