Server Software Component and Clear Command History
Bad actors can gain persistence on your network by abusing software development features that allow legitimate developers to extend server applications. In this way, they can install malicious code for later use. Then, they can cover their tracks by clearing their command history. Learn to detect and thwart this activity and protect your network.
Your organization's enterprise server applications likely offer the flexibility of extensible features that your software developers can build upon so things work the way you need them to. However, bad actors can take advantage of that capability and use it to insert malicious code. In this way, they can achieve persistence on your network. Once they have this foothold they may use the Clear Command History technique to cover their tracks as a Defense Evasion tactic.
It's important to master the skills for detecting and mitigating this type of activity so you can keep attackers from reaching their end goals.
Get the hands-on skills you need to detect and mitigate this attack in Cybrary's MITRE ATT&CK Framework courses aligned to the tactics and techniques used by the financially motivated threat group Prophet Spider. Prevent adversaries from accomplishing the tactics of Persistence and Defense Evasion in your environment today.
Complete this entire course to earn a Server Software Component and Clear Command History Certificate of Completion