Skip to main content
MuonPartners
Services
Architecture

Solution design and technology roadmapping

Solution AssessmentTechnology RoadmapsIntegration DesignSolution ArchitectureTechnical Design
Cyber Security

Security assessments, IAM, and compliance

AssessmentsIAMComplianceSecurity BaselineCyber Innovation
Network and Platform

Network architecture and cloud platforms

Network DesignCloud StrategyModernisation
Enterprise Architecture

Business-technology alignment

Business AlignmentPortfolio AnalysisGovernance
View all services
ProjectsCase StudiesInsightsToolsAbout
Contact Us

Services

Architecture
Solution AssessmentTechnology RoadmapsIntegration DesignSolution ArchitectureTechnical Design
Cyber Security
AssessmentsIAMComplianceSecurity BaselineCyber Innovation
Network and Platform
Network DesignCloud StrategyModernisation
Enterprise Architecture
Business AlignmentPortfolio AnalysisGovernance
ProjectsCase StudiesInsightsToolsAboutContact
Get in Touch
MuonPartners

Strategic technology consulting for Australian organisations navigating complexity.

Services

  • Architecture
  • Cyber Security
  • Network and Platform
  • Enterprise Architecture

Company

  • About
  • Products
  • Frameworks
  • Cross-Framework Mapping
  • Projects
  • Case Studies
  • Insights
  • Contact

Contact

  • [email protected]
  • Australia
  • LinkedIn

© 2026 Muon Partners. All rights reserved.

ABN 50 669 022 315 · A Muon Group company.

Privacy PolicyTerms of Service
  1. Frameworks
  2. >ATTACK
  3. >Resource Development
  4. >ATTACK-T1588.006
ATTACK-T1588.006Active

Vulnerabilities

Statement

Adversaries may acquire information about vulnerabilities that can be used during targeting. A vulnerability is a weakness in computer hardware or software that can, potentially, be exploited by an adversary to cause unintended or unanticipated behavior to occur. Adversaries may find vulnerability information by searching open databases or gaining access to closed vulnerability databases.(Citation: National Vulnerability Database)

An adversary may monitor vulnerability disclosures/databases to understand the state of existing, as well as newly discovered, vulnerabilities. There is usually a delay between when a vulnerability is discovered and when it is made public. An adversary may target the systems of those known to conduct vulnerability research (including commercial vendors). Knowledge of a vulnerability may cause an adversary to search for an existing exploit (i.e. Exploits) or to attempt to develop one themselves (i.e. Exploits).

Location

Tactic
Resource Development

Technique Details

Identifier
ATTACK-T1588.006
Parent Technique
ATTACK-T1588
ATT&CK Page
View on MITRE

Tactics

Resource Development

Platforms

PRE

Detection

Detection of Vulnerabilities

Mitigations

Pre-compromise: Pre-compromise mitigations involve proactive measures and defenses implemented to prevent adversaries from successfully identifying and exploiting weaknesses during the Reconnaissance and Resource Development phases of an attack. These activities focus on reducing an organization's attack surface, identify adversarial preparation efforts, and increase the difficulty for attackers to conduct successful operations. This mitigation can be implemented through the following measures:

Limit Information Exposure:

  • Regularly audit and sanitize publicly available data, including job posts, websites, and social media.
  • Use tools like OSINT monitoring platforms (e.g., SpiderFoot, Recon-ng) to identify leaked information.

Protect Domain and DNS Infrastructure:

  • Enable DNSSEC and use WHOIS privacy protection.
  • Monitor for domain hijacking or lookalike domains using services like RiskIQ or DomainTools.

External Monitoring:

  • Use tools like Shodan, Censys to monitor your external attack surface.
  • Deploy external vulnerability scanners to proactively address weaknesses.

Threat Intelligence:

  • Leverage platforms like MISP, Recorded Future, or Anomali to track adversarial infrastructure, tools, and activity.

Content and Email Protections:

  • Use email security solutions like Proofpoint, Microsoft Defender for Office 365, or Mimecast.
  • Enforce SPF/DKIM/DMARC policies to protect against email spoofing.

Training and Awareness:

  • Educate employees on identifying phishing attempts, securing their social media, and avoiding information leaks.

No cross-framework mappings available

← Back to Resource Development
Resource Development47 controls
ATTACK-T1583Acquire InfrastructureATTACK-T1583.001DomainsATTACK-T1583.002DNS ServerATTACK-T1583.003Virtual Private ServerATTACK-T1583.004ServerATTACK-T1583.005BotnetATTACK-T1583.006Web ServicesATTACK-T1583.007ServerlessATTACK-T1583.008MalvertisingATTACK-T1584Compromise InfrastructureATTACK-T1584.001DomainsATTACK-T1584.002DNS ServerATTACK-T1584.003Virtual Private ServerATTACK-T1584.004ServerATTACK-T1584.005BotnetATTACK-T1584.006Web ServicesATTACK-T1584.007ServerlessATTACK-T1584.008Network DevicesATTACK-T1585Establish AccountsATTACK-T1585.001Social Media AccountsATTACK-T1585.002Email AccountsATTACK-T1585.003Cloud AccountsATTACK-T1586Compromise AccountsATTACK-T1586.001Social Media AccountsATTACK-T1586.002Email AccountsATTACK-T1586.003Cloud AccountsATTACK-T1587Develop CapabilitiesATTACK-T1587.001MalwareATTACK-T1587.002Code Signing CertificatesATTACK-T1587.003Digital CertificatesATTACK-T1587.004ExploitsATTACK-T1588Obtain CapabilitiesATTACK-T1588.001MalwareATTACK-T1588.002ToolATTACK-T1588.003Code Signing CertificatesATTACK-T1588.004Digital CertificatesATTACK-T1588.005ExploitsATTACK-T1588.006VulnerabilitiesATTACK-T1588.007Artificial IntelligenceATTACK-T1608Stage CapabilitiesATTACK-T1608.001Upload MalwareATTACK-T1608.002Upload ToolATTACK-T1608.003Install Digital CertificateATTACK-T1608.004Drive-by TargetATTACK-T1608.005Link TargetATTACK-T1608.006SEO PoisoningATTACK-T1650Acquire Access