Home/ MITRE Matrix/ Exfiltration/ T1030

T1030Data Transfer Size Limits

T1030 — Data Transfer Size Limits is a MITRE ATT&CK technique in the Exfiltration tactic. Clankerusecase tracks 4 detection use cases covering it and 1 threat-intel article citing it.

Exfiltration

View on the matrix → Filter Detection Library MITRE official spec ↗

4Use cases

1Articles

0Sub-techniques

1Tactic

Use cases covering this technique (4)

Linux Auditd Data Transfer Size Limits Via Split ESCU actions · hunting P Linux Auditd Data Transfer Size Limits Via Split Syscall ESCU actions · hunting P MacOS Data Chunking ESCU actions · hunting P [LLM] Multi-GB outbound transfer from single user to Tchap/Matrix endpoint (exfil volume) Bespoke actions · hunting DSPDDCS

Articles citing this technique (1)

med Over 73,000 French govt employees affected in Tchap messenger breach art-35