https://feed.craftedsignal.io/tags/attack.t1562/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioTue, 09 Jan 2024 14:30:00 +0000https://feed.craftedsignal.io/briefs/2024-01-09-linux-service-disable/Tue, 09 Jan 2024 14:30:00 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2024-01-09-linux-service-disable/Attackers may halt or disable security services on Linux systems to evade defenses, maintain persistence, or disrupt operations, detected through the use of utilities like 'systemctl', 'service', and 'chkconfig'.Attackers may attempt to stop or disable services on a compromised Linux system to impair security tools, disrupt operations, or facilitate further malicious activities. This can involve disabling security software, logging mechanisms, or other critical services that could hinder the attacker’s objectives. This activity often forms part of a broader attack campaign aimed at maintaining persistence, evading detection, or causing system-wide disruption. The commands systemctl, service, and…

]]>mediumadvisoryattack.defense-evasionattack.t1562attack.impactattack.t1489