Contact Sales

Eliminating MITRE Attacks With Confidential Computing - T1059: Command And Script Interpreter

In a recently published white paper, Anjuna Security analyzed the complete MITRE attack matrix and found 77 Mitre attacks that Confidential Computing can instantly eliminate. Through this series of blogs, we will cover in detail the top five critical attacks to be aware of and address how Confidential Computing paired with Anjuna software can abolish these attacks forever!

MITRE Attack T1059: Command and Scripting Interpreter

 

One of the most prevalent attack techniques used and cataloged within MITRE is T1059: Command and Scripting Interpreter. In this attack, an adversary with access to the scripting language included as part of the operating system (OS), such as Unix Shell, AppleScript, Python, PowerShell, JavaScript, and others, is used as a podium to execute nefarious commands. MITRE has referenced over 20 concrete attacks that employed this approach; two examples recently used for ransomware attacks include the ZeusPanda script and Fivehands ransomware. Once the attacker has command line access or root access, they can abuse those scripting languages as a way to execute commands and create remote execution capabilities; thereby obtaining access to anything that the OS can access.

How to Protect Against MITRE Attack T1059 

Your organization can use Anjuna Confidential Computing software to eliminate the vulnerability of command lines found within the OS - essentially removing command line access as an attack vector.

Anjuna provides you with the means to instantly and seamlessly adopt Confidential Computing technology in any environment (on-premises, hybrid, multi-cloud) to protect against the Command and Scripting Interpreter attack. Through the use of attestation, Anjuna ensures that only the intended applications and the intended code can be executed when run in a secure enclave, thereby preventing any bad actors who seek to exploit vulnerabilities using command and script interpreters.

 

Learn More About Other Attacks! 

To learn more about the other 76 attacks that Anjuna Confidential Computing software can protect against and how you can instantly adopt default protection across your entire environment, take a look at the full MITRE white paper below!

Eliminate 77 MITRE Attacks With Anjuna

The next blog in the series will focus on T1554: Compromise Client Software Binary. So be sure to stay tuned!

Additional Blog Articles

Eliminating MITRE Attacks with Confidential Computing - T1036: Masquerading


Eliminating MITRE Attacks with Confidential Computing - T1542: Pre-OS Boot


Eliminating MITRE Attacks with Confidential Computing - T1554: Compromise Client Software Binary