← Back to Explore
T1590.002
DNS
Adversaries may gather information about the victim's DNS that can be used during targeting. DNS information may include a variety of details, including registered name servers as well as records that outline addressing for a target’s subdomains, mail servers, and other hosts. DNS MX, TXT, and SPF records may also reveal the use of third party cloud and SaaS providers, such as Office 365, G Suite, Salesforce, or Zendesk.(Citation: Sean Metcalf Twitter DNS Records) Adversaries may gather this in...
PRE
2
Detections
2
Sources
0
Threat Actors
BY SOURCE
1sigma1splunk_escu
PROCEDURES (2)
General Monitoring1 detections
Auto-extracted: 1 detections for general monitoring
Network Connection Monitoring1 detections
Auto-extracted: 1 detections for network connection monitoring