Domains
Adversaries may acquire domains that can be used during targeting. Domain names are the human readable names used to represent one or more IP addresses. They can be purchased or, in some cases, acquired for free. Adversaries may use acquired domains for a variety of purposes, including for [Phishing](https://attack.mitre.org/techniques/T1566), [Drive-by Compromise](https://attack.mitre.org/techniques/T1189), and Command and Control.(Citation: CISA MSS Sep 2020) Adversaries may choose domains th...
BY SOURCE
PROCEDURES (21)
Auto-extracted: 18 detections for authentication monitoring
Auto-extracted: 10 detections for email security
Auto-extracted: 8 detections for network connection monitoring
Auto-extracted: 4 detections for service
Auto-extracted: 3 detections for credential
Auto-extracted: 2 detections for suspicious
Auto-extracted: 2 detections for suspicious
Auto-extracted: 1 detections for email
Auto-extracted: 1 detections for service
Auto-extracted: 1 detections for office
Auto-extracted: 1 detections for email
Auto-extracted: 1 detections for general monitoring
Auto-extracted: 1 detections for phish
Auto-extracted: 1 detections for cloud
Auto-extracted: 1 detections for phish
Auto-extracted: 1 detections for phish
Auto-extracted: 1 detections for credential
Auto-extracted: 1 detections for cloud
Auto-extracted: 1 detections for process creation monitoring
Auto-extracted: 1 detections for cloud
Auto-extracted: 1 detections for office