1. Home
  2. Detection Strategies
  3. Detection of Exploitation of Remote Services

Detection of Exploitation of Remote Services

Technique Detected:  Exploitation of Remote Services | T1428

ID: DET0663
Domains: Mobile
Analytics: AN1755, AN1756
Version: 1.0
Created: 21 October 2025
Last Modified: 21 October 2025
Version Permalink

Analytics

AN1755

Network traffic analysis could reveal patterns of compromise if devices attempt to access unusual targets or resources.
Application vetting may be able to identify applications that perform Discovery or utilize existing connectivity to remotely access hosts within an internal enterprise network.

Log Sources
Data Component Name Channel
Network Traffic Content (DC0085) Network Traffic None
Network Communication (DC0113) Application Vetting None

AN1756

Network traffic analysis could reveal patterns of compromise if devices attempt to access unusual targets or resources.
Application vetting may be able to identify applications that perform Discovery or utilize existing connectivity to remotely access hosts within an internal enterprise network.

Log Sources
Data Component Name Channel
Network Traffic Content (DC0085) Network Traffic None
Network Communication (DC0113) Application Vetting None