T1048.001
Exfiltration Over Symmetric Encrypted Non-C2 Protocol
Adversaries may steal data by exfiltrating it over a symmetrically encrypted network protocol other than that of the existing command and control channel. The data may also be sent to an alternate network location from the main command and control server. Symmetric encryption algorithms are those that use shared or the same keys/secrets on each end of the channel. This requires an exchange or pre-arranged agreement/possession of the value used to encrypt and decrypt data. Network protocols t...
Linux, macOS, Windows, ESXi
2 Detections
2 Sources
0 Threat Actors
BY SOURCE
1 elastic, 1 sigma
PROCEDURES (2)
Process Creation Monitoring: 1 detection
Auto-extracted: 1 detection for process creation monitoring
Cloud Monitoring: 1 detection
Auto-extracted: 1 detection for cloud monitoring