Exploit Enterprise Resources

Adversaries may attempt to exploit enterprise servers, workstations, or other resources over the network. This technique may take advantage of the mobile device's access to an internal enterprise network either through local connectivity or through a Virtual Private Network (VPN).

ID: T1428

Tactic Type:  Post-Adversary Device Access

Tactic: Lateral Movement

Platform:  Android, iOS

MTC ID:  APP-32

Version: 1.0

Examples

NameDescription
DressCode

DressCode sets up a "general purpose tunnel" that can be used by an adversary to compromise enterprise networks that the mobile device is connected to.[1]

NotCompatible

NotCompatible has the capability to exploit systems on an enterprise network.[2]

References