Vendor: Linux
July 25, 2023
Product: Linux CentOS
| Rules | Models | MITRE TTPs | Event Types | Parsers |
|---|---|---|---|---|
| 14 | 7 | 4 | 1 | 1 |
| Use-Case | Event Types/Parsers | MITRE TTP | Content |
|---|---|---|---|
| Cryptomining | network-connection-failed ↳ centos-network-connection-failed | T1496 - Resource Hijacking | |
| Lateral Movement | network-connection-failed ↳ centos-network-connection-failed | T1071 - Application Layer Protocol; T1090.002 - Proxy: External Proxy; T1571 - Non-Standard Port | |
| Malware | network-connection-failed ↳ centos-network-connection-failed | T1071 - Application Layer Protocol | |
| Ransomware | network-connection-failed ↳ centos-network-connection-failed | T1071 - Application Layer Protocol | |
ATT&CK Matrix for Enterprise
| Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|
| | | | | | | | | | Non-Standard Port; Proxy: External Proxy; Application Layer Protocol; Proxy | | Resource Hijacking |