Tag
medium
advisory
Persistence via BITS Job Notify Cmdline
2 rules 1 TTPAdversaries can achieve persistence by abusing the Background Intelligent Transfer Service (BITS) SetNotifyCmdLine method to execute a program after a job finishes, leading to arbitrary code execution and system compromise.
Defender XDR +2
persistence
bits
windows
2r
1t
low
advisory
Ingress Transfer via Windows BITS
2 rules 2 TTPsAdversaries may leverage Windows Background Intelligent Transfer Service (BITS) to download executable and archive files to evade defenses and establish command and control.
Background Intelligent Transfer Service +2
bits
ingress-transfer
command-and-control
defense-evasion
windows
2r
2t