Suspicious Where Execution (725a9768-0f5e-4cb3-aec2-bc5719c6831a)
Adversaries may enumerate browser bookmarks to learn more about compromised hosts. Browser bookmarks may reveal personal information about users (ex: banking sites, interests, social media, etc.) as well as details about internal network resources such as servers, tools/dashboards, or other related infrastructure.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Suspicious Where Execution (725a9768-0f5e-4cb3-aec2-bc5719c6831a) | Sigma-Rules | Browser Information Discovery - T1217 (5e4a2073-9643-44cb-a0b5-e7f4048446c7) | Attack Pattern | 1 |