| ID | Name |
|---|---|
| ATAGS-T1086.001 | Cloud Accounts |
| ATAGS-T1086.002 | Default Accounts |
| ATAGS-T1086.003 | Domain Accounts |
| ATAGS-T1086.004 | Local Accounts |
Threat Actors may obtain and abuse credentials of a domain account as a means of gaining Initial Access, Persistence, Privilege Escalation, or Defense Evasion. Domain accounts are those managed by Active Directory Domain Services where access and permissions are configured across systems and services that are part of that domain. Domain accounts can cover users, administrators, and services.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.