CAPEC-529: Malware-Directed Internal Reconnaissance

Adversary uses malware or a similarly controlled application installed inside an organizational perimeter to gather information about the composition, configuration, and security mechanisms of a targeted application, system or network.

Medium

Typical severity

Per MITRE

Medium

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Standard

Abstraction

MITRE classification

Overview

CAPEC-529 (Malware-Directed Internal Reconnaissance) is a standard-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.

CAPEC-529: Malware-Directed Internal Reconnaissance

Overview

What the attacker needs

Prerequisites

Skills required

Resources required

Consequences

How to mitigate it

Frequently asked questions

What is CAPEC-529?

How do you prevent CAPEC-529?

How severe is CAPEC-529?

References

Defend against CAPEC-529

Overview

What the attacker needs

Prerequisites

Skills required

Resources required

Consequences

How to mitigate it

Related attack patterns

Parent

Related

Frequently asked questions

What is CAPEC-529?

How do you prevent CAPEC-529?

How severe is CAPEC-529?

References

Defend against CAPEC-529