TECHNIQUES
- Home
- Techniques
- PRE-ATT&CK
- Mine technical blogs/forums
Mine technical blogs/forums
Technical blogs and forums provide a way for technical staff to ask for assistance or troubleshoot problems. In doing so they may reveal information such as operating system (OS), network devices, or applications in use. [1]
ID: T1257
Sub-techniques:
No sub-techniques
Tactic:
Technical Information Gathering
Version: 1.0
Created: 14 December 2017
Last Modified: 17 October 2018
Detection
Detectable by Common Defenses (Yes/No/Partial): No
Explanation: Cannot detect access to public sites.
Difficulty for the Adversary
Easy for the Adversary (Yes/No): Yes
Explanation: Success is dependent upon the existence of detailed technical specifications for target network posted in blogs/forums. Poor OPSEC practices result in an adversary gleaning a lot of sensitive information about configurations and/or issues encountered.
References
- Jeff Bardin. (2012, October 10). OSINT and Cyber Intelligence - Fun and Sun in Miami. Retrieved March 1, 2017.
×