Tag
high
advisory
Microsoft Devtunnels Execution for Covert Communication
2 rules 1 TTP
The execution of Microsoft devtunnels.exe can be abused by attackers to expose compromised systems to the internet, establish covert communication channels, and bypass network security measures, facilitating data exfiltration or command-and-control.
Visual Studio +3
devtunnels
reverse-proxy
command-and-control
defense-evasion
windows
medium
advisory
Microsoft Devtunnels Image Load Detection
2 rules 2 TTPs
This detection identifies potential misuse of Microsoft Devtunnels within Visual Studio by detecting image load events, indicating that an attacker could expose a compromised system or service to the internet for covert communication and data exfiltration.
Visual Studio +3
devtunnels
reverse-proxy
command-and-control
data-exfiltration
windows