T1048: Exfiltration Over Alternative Protocol

Adversaries may steal data by exfiltrating it over a different protocol than that of the existing command and control channel. The data may also be sent to an alternate network location from the main command and control server.

View on MITRE ATT&CK →

AWS AuthorizeSecurityGroupEgress

Adds outbound rules to a VPC security group, permitting traffic from instances to specified destination IP ranges or security groups.

Cloud Service: AWS - EC2

Tactics:

Defense Evasion Exfiltration

Techniques:

T1562.007 T1048

Tags:

AWS EC2