T1499
Endpoint Denial of Service
Adversaries may perform Endpoint Denial of Service (DoS) attacks to degrade or block the availability of services to users. Endpoint DoS can be performed by exhausting the system resources those services are hosted on or exploiting the system to cause a persistent crash condition. Example services include websites, email services, DNS, and web-based applications. Adversaries have been observed conducting DoS attacks for political purposes (Citation: FireEye OpPoisonedHandover February 2016) and t...
Windows, Linux, macOS, Containers, IaaS
10 Detections
3 Sources
1 Threat Actors
BY SOURCE
5 elastic, 4 splunk_escu, 1 sigma
PROCEDURES (6)
Service: 3 detections
Auto-extracted: 3 detections for service
Service: 2 detections
Auto-extracted: 2 detections for service
Bypass: 2 detections
Auto-extracted: 2 detections for bypass
Service: 1 detections
Auto-extracted: 1 detections for service
Exfiltrat: 1 detections
Auto-extracted: 1 detections for exfiltrat
Exfiltrat: 1 detections
Auto-extracted: 1 detections for exfiltrat
THREAT ACTORS (1)
DETECTIONS (10)
Abnormally Large DNS Response
elastic, medium
Cisco Secure Firewall - Static Tundra Smart Install Abuse
splunk_escu
Decline in host-based traffic
elastic, low
ESXi Bulk VM Termination
splunk_escu
Linux Magic SysRq Key Abuse
splunk_escu
Ollama Possible Memory Exhaustion Resource Abuse
splunk_escu
Possible Okta DoS Attack
elastic, medium
Potential Abuse of Linux Magic System Request Key
sigma, medium
Spike in Firewall Denies
elastic, low
Spike in host-based traffic
elastic, low