Trusted Design

T1069.002 - Domain Groups

概要

Adversaries may attempt to find domain-level groups and permission settings. The knowledge of domain-level permission groups can help adversaries determine which groups exist and which users belong to a particular group. Adversaries may use this information to determine which users have elevated permissions, such as domain administrators. Commands such as <code>net group /domain</code> of the [Net](https://attack.mitre.org/software/S0039) utility, <code>dscacheutil -q group</code> on macOS, and <code>ldapsearch</code> on Linux can list domain-level groups.

この攻撃手法を利用する脅威アクター

• LAPSUS$
• ToddyCat
• Volt Typhoon
• OilRig
• Mustang Panda
• FIN7
• INC Ransom
• Ke3chang
• Turla
• Inception
• Dragonfly
• Medusa Group
• Scattered Spider

関連する CVE

この攻撃手法に関連する CVE は登録されていません。

攻撃手法 – 脅威アクター Graph

---

← Technique一覧に戻る