Active Directory Kerberos Attacks |
Password Spraying, Brute Force |
Credential Access |
Azure Active Directory Account Takeover |
Malicious File, User Execution |
Execution |
Azure Active Directory Privilege Escalation |
Account Manipulation, Additional Cloud Roles |
Persistence |
GCP Account Takeover |
Compromise Accounts, Cloud Accounts, Brute Force, Password Spraying, Credential Stuffing |
Resource Development |
Insider Threat |
Password Spraying, Brute Force |
Credential Access |
Office 365 Account Takeover |
Steal Application Access Token |
Credential Access |
Office 365 Persistence Mechanisms |
Account Manipulation, Additional Cloud Roles |
Persistence |
Okta Account Takeover |
Cloud Accounts |
Resource Development |
Snake Keylogger |
Malicious File, User Execution |
Execution |
Snake Malware |
Kernel Modules and Extensions, Service Execution |
Persistence |
Sneaky Active Directory Persistence Tricks |
Security Support Provider, Boot or Logon Autostart Execution |
Persistence |