{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/attack.t1562/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["medium"],"_cs_tags":["attack.defense-evasion","attack.t1562","attack.impact","attack.t1489"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eAttackers may attempt to stop or disable services on a compromised Linux system to impair security tools, disrupt operations, or facilitate further malicious activities. This can involve disabling security software, logging mechanisms, or other critical services that could hinder the attacker\u0026rsquo;s objectives. This activity often forms part of a broader attack campaign aimed at maintaining persistence, evading detection, or causing system-wide disruption. The commands \u003ccode\u003esystemctl\u003c/code\u003e, \u003ccode\u003eservice\u003c/code\u003e, and…\u003c/p\u003e\n","date_modified":"2024-01-09T14:30:00Z","date_published":"2024-01-09T14:30:00Z","id":"/briefs/2024-01-09-linux-service-disable/","summary":"Attackers may halt or disable security services on Linux systems to evade defenses, maintain persistence, or disrupt operations, detected through the use of utilities like 'systemctl', 'service', and 'chkconfig'.","title":"Linux Service Stop and Disable Detection","url":"https://feed.craftedsignal.io/briefs/2024-01-09-linux-service-disable/"}],"language":"en","title":"CraftedSignal Threat Feed — Attack.t1562","version":"https://jsonfeed.org/version/1.1"}