Skip to content

Hide Navigation Hide TOC

Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157)

Protect sensitive information with strong encryption.

Cluster A Galaxy A Cluster B Galaxy B Level
OS Credential Dumping - T1003 (0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22) Attack Pattern Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action 1
Data Manipulation - T1565 (ac9e6b22-11bf-45d7-9181-c1cb08360931) Attack Pattern Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action 1
Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action Data from Cloud Storage - T1530 (3298ce88-1628-43b1-87d9-0b5336b193d7) Attack Pattern 1
Application Access Token - T1550.001 (f005e783-57d4-4837-88ad-dbe7faee1c51) Attack Pattern Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action 1
Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action Automated Collection - T1119 (30208d3e-0d6b-43c8-883e-44462a514619) Attack Pattern 1
Content Injection - T1659 (43c9bc06-715b-42db-972f-52d25c09a20c) Attack Pattern Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action 1
Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action Steal or Forge Authentication Certificates - T1649 (7de1f7ac-5d0c-4c9c-8873-627202205331) Attack Pattern 1
SNMP (MIB Dump) - T1602.001 (ee7ff928-801c-4f34-8a99-3df965e581a5) Attack Pattern Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action 1
Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action Steal or Forge Kerberos Tickets - T1558 (3fc01293-ef5e-41c6-86ce-61f10706b64a) Attack Pattern 1
Adversary-in-the-Middle - T1557 (035bb001-ab69-4a0b-9f6c-2de8b09e1b9d) Attack Pattern Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action 1
AS-REP Roasting - T1558.004 (3986e7fd-a8e9-4ecb-bfc6-55920855912b) Attack Pattern Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action 1
Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action Unsecured Credentials - T1552 (435dfb86-2697-4867-85b5-2fef496c0517) Attack Pattern 1
Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action NTDS - T1003.003 (edf91964-b26e-4b4a-9600-ccacd7d7df24) Attack Pattern 1
Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action Network Sniffing - T1040 (3257eb21-f9a7-4430-8de1-d8b6e288f529) Attack Pattern 1
Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action Clear Windows Event Logs - T1070.001 (6495ae23-3ab4-43c5-a94f-5638a2c31fd2) Attack Pattern 1
Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) Attack Pattern 1
Kerberoasting - T1558.003 (f2877f7f-9a4c-4251-879f-1224e3006bee) Attack Pattern Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action 1
Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action Network Device Configuration Dump - T1602.002 (52759bf1-fe12-4052-ace6-c5b0cf7dd7fd) Attack Pattern 1
Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action Stored Data Manipulation - T1565.001 (1cfcb312-b8d7-47a4-b560-4b16cc677292) Attack Pattern 1
Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action Private Keys - T1552.004 (60b508a1-6a5e-46b1-821a-9f7b78752abf) Attack Pattern 1
Clear Linux or Mac System Logs - T1070.002 (2bce5b30-7014-4a5d-ade7-12913fe6ac36) Attack Pattern Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action 1
Transmitted Data Manipulation - T1565.002 (d0613359-5781-4fd2-b5be-c269270be1f6) Attack Pattern Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action 1
Traffic Duplication - T1020.001 (7c46b364-8496-4234-8a56-f7e6727e21e1) Attack Pattern Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action 1
Local Email Collection - T1114.001 (1e9eb839-294b-48cc-b0d3-c45555a2a004) Attack Pattern Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action 1
Silver Ticket - T1558.002 (d273434a-448e-4598-8e14-607f4a0d5e27) Attack Pattern Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action 1
Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action Remote Email Collection - T1114.002 (b4694861-542c-48ea-9eb1-10d356e7140a) Attack Pattern 1
Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action Data from Configuration Repository - T1602 (0ad7bc5c-235a-4048-944b-3b286676cb74) Attack Pattern 1
Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action Email Collection - T1114 (1608f3e1-598a-42f4-a01a-2e252e81728f) Attack Pattern 1
Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action ARP Cache Poisoning - T1557.002 (cabe189c-a0e3-4965-a473-dcff00f17213) Attack Pattern 1
Email Forwarding Rule - T1114.003 (7d77a07d-02fe-4e88-8bd9-e9c008c01bf0) Attack Pattern Encrypt Sensitive Information - M1041 (feff9142-e8c2-46f4-842b-bd6fb3d41157) Course of Action 1
Application Access Token - T1550.001 (f005e783-57d4-4837-88ad-dbe7faee1c51) Attack Pattern Use Alternate Authentication Material - T1550 (51a14c76-dd3b-440b-9c20-2bf91d25a814) Attack Pattern 2
SNMP (MIB Dump) - T1602.001 (ee7ff928-801c-4f34-8a99-3df965e581a5) Attack Pattern Data from Configuration Repository - T1602 (0ad7bc5c-235a-4048-944b-3b286676cb74) Attack Pattern 2
AS-REP Roasting - T1558.004 (3986e7fd-a8e9-4ecb-bfc6-55920855912b) Attack Pattern Steal or Forge Kerberos Tickets - T1558 (3fc01293-ef5e-41c6-86ce-61f10706b64a) Attack Pattern 2
OS Credential Dumping - T1003 (0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22) Attack Pattern NTDS - T1003.003 (edf91964-b26e-4b4a-9600-ccacd7d7df24) Attack Pattern 2
Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) Attack Pattern Clear Windows Event Logs - T1070.001 (6495ae23-3ab4-43c5-a94f-5638a2c31fd2) Attack Pattern 2
Kerberoasting - T1558.003 (f2877f7f-9a4c-4251-879f-1224e3006bee) Attack Pattern Steal or Forge Kerberos Tickets - T1558 (3fc01293-ef5e-41c6-86ce-61f10706b64a) Attack Pattern 2
Data from Configuration Repository - T1602 (0ad7bc5c-235a-4048-944b-3b286676cb74) Attack Pattern Network Device Configuration Dump - T1602.002 (52759bf1-fe12-4052-ace6-c5b0cf7dd7fd) Attack Pattern 2
Data Manipulation - T1565 (ac9e6b22-11bf-45d7-9181-c1cb08360931) Attack Pattern Stored Data Manipulation - T1565.001 (1cfcb312-b8d7-47a4-b560-4b16cc677292) Attack Pattern 2
Unsecured Credentials - T1552 (435dfb86-2697-4867-85b5-2fef496c0517) Attack Pattern Private Keys - T1552.004 (60b508a1-6a5e-46b1-821a-9f7b78752abf) Attack Pattern 2
Clear Linux or Mac System Logs - T1070.002 (2bce5b30-7014-4a5d-ade7-12913fe6ac36) Attack Pattern Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) Attack Pattern 2
Transmitted Data Manipulation - T1565.002 (d0613359-5781-4fd2-b5be-c269270be1f6) Attack Pattern Data Manipulation - T1565 (ac9e6b22-11bf-45d7-9181-c1cb08360931) Attack Pattern 2
Traffic Duplication - T1020.001 (7c46b364-8496-4234-8a56-f7e6727e21e1) Attack Pattern Automated Exfiltration - T1020 (774a3188-6ba9-4dc4-879d-d54ee48a5ce9) Attack Pattern 2
Local Email Collection - T1114.001 (1e9eb839-294b-48cc-b0d3-c45555a2a004) Attack Pattern Email Collection - T1114 (1608f3e1-598a-42f4-a01a-2e252e81728f) Attack Pattern 2
Silver Ticket - T1558.002 (d273434a-448e-4598-8e14-607f4a0d5e27) Attack Pattern Steal or Forge Kerberos Tickets - T1558 (3fc01293-ef5e-41c6-86ce-61f10706b64a) Attack Pattern 2
Remote Email Collection - T1114.002 (b4694861-542c-48ea-9eb1-10d356e7140a) Attack Pattern Email Collection - T1114 (1608f3e1-598a-42f4-a01a-2e252e81728f) Attack Pattern 2
Adversary-in-the-Middle - T1557 (035bb001-ab69-4a0b-9f6c-2de8b09e1b9d) Attack Pattern ARP Cache Poisoning - T1557.002 (cabe189c-a0e3-4965-a473-dcff00f17213) Attack Pattern 2
Email Forwarding Rule - T1114.003 (7d77a07d-02fe-4e88-8bd9-e9c008c01bf0) Attack Pattern Email Collection - T1114 (1608f3e1-598a-42f4-a01a-2e252e81728f) Attack Pattern 2