| ID | Name |
|---|---|
| ATAGS-T1081.001 | Group Policy Modification |
| ATAGS-T1081.002 | Trust Modification |
Threat Actors may add new domain trusts, modify the properties of existing domain trusts, or otherwise change the configuration of trust relationships between domains and tenants to evade defenses and/or elevate privileges.Trust details, such as whether or not user identities are federated, allow authentication and authorization properties to apply between domains or tenants for the purpose of accessing shared resources. These trust objects may include accounts, credentials, and other authentication material applied to servers, tokens, and domains.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.