Potential Data Stealing Via Chromium Headless Debugging (3e8207c5-fcd2-4ea6-9418-15d45b4890e4)
Detects chromium based browsers starting in headless and debugging mode and pointing to a user profile. This could be a sign of data stealing or remote control
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Browser Session Hijacking - T1185 (544b0346-29ad-41e1-a808-501bb4193f47) | Attack Pattern | Potential Data Stealing Via Chromium Headless Debugging (3e8207c5-fcd2-4ea6-9418-15d45b4890e4) | Sigma-Rules | 1 |