By performing reconnaissance through active scanning, threat actors can gain a lot of useful informatoin about your organization and network. They may find open websites and database and make a plan to attack them. Next, they move on to exploit known vulnerabilities in public-facing applications. The flaws they take advantage of could affect your databases, services, or management protocols. Sometimes threat actors like Prophet Spider will gain access to your system and then sell that access to other bad actors, such as ransomware gangs.
It is vitally important to learn how to detect and mitigate these types of techniques to protect your organization.
Get the hands-on skills you need to detect and mitigate this attack in Cybrary's MITRE ATT&CK Framework courses aligned to the tactics and techniques used by the financially motivated threat group Prophet Spider. Prevent adversaries from accomplishing the tactics of Reconnaissance and Initial Access in your environment today.
