Clankerusecase
MITRE ATT&CK detection coverage
 ← Back to main site
Home/ MITRE Matrix/ Exfiltration/ T1537

T1537Transfer Data to Cloud Account

T1537 — Transfer Data to Cloud Account is a MITRE ATT&CK technique in the Exfiltration tactic. Clankerusecase tracks 17 detection use cases covering it.

Exfiltration
View on the matrix → Filter Detection Library MITRE official spec ↗
17Use cases
0Articles
0Sub-techniques
1Tactic

Use cases covering this technique (17)

1Password vault export attempted Internal actions · alerting DD AWS S3 bucket ACL / policy made public Internal actions · alerting DDCW Confluence page public link created Internal actions · alerting DD Confluence space export Internal actions · alerting DD AWS EC2 AMI shared publicly Internal actions · alerting DD AWS EBS snapshot made public Internal actions · alerting DD AWS S3 anomalous bulk download (exfil) Internal actions · alerting DD GitHub repository transfer initiated Internal actions · alerting DD GitLab mass repository download Internal actions · alerting DD Snowflake share created or modified Internal actions · alerting DD ASL AWS EC2 Snapshot Shared Externally ESCU actions · alerting P AWS AMI Attribute Modification for Exfiltration ESCU actions · alerting P AWS EC2 Snapshot Shared Externally ESCU actions · alerting P AWS Exfiltration via Bucket Replication ESCU actions · alerting P AWS Exfiltration via EC2 Snapshot ESCU actions · alerting P AWS S3 Exfiltration Behavior Identified ESCU actions · alerting P High Frequency Copy Of Files In Network Share ESCU actions · hunting P