Tag
medium
advisory
Cisco 802.1X (dot1x) Disabled on Network Interface
2 rules 2 TTPsDetection of manual disablement of IEEE 802.1X (dot1x) on a Cisco network device interface, potentially allowing unauthorized network access and lateral movement.
IOS
attack.defense-evasion
attack.persistence
attack.credential-access
attack.t1562.001
attack.t1556.004
2r
2t
medium
advisory
Service Startup Type Modification via WMIC
2 rules 2 TTPsAdversaries use the Windows Management Instrumentation Command-line (WMIC) utility to modify the startup type of services, setting them to 'Manual' or 'Disabled' to impair defenses or disrupt system operations.
Windows
attack.execution
attack.t1047
attack.defense-evasion
attack.t1562.001
2r
2t