From 3ce4e48dd9cbea68f765ef572bbafc6b491a0315 Mon Sep 17 00:00:00 2001
From: Isabel Tuson
Date: Mon, 9 Mar 2020 10:48:09 -0400
Subject: [PATCH] Update copyright statement; fix invalid bundle IDs in marking definitions; typo correction on M1026
---
 enterprise-attack/enterprise-attack.json | 14 +++++++-------
 ...tion--fa42a846-8d90-4e51-bc29-71d5b4802168.json | 12 ++++++------
 ...tion--fa42a846-8d90-4e51-bc29-71d5b4802168.json | 12 ++++++------
 mobile-attack/mobile-attack.json | 10 +++++-----
 ...tion--fa42a846-8d90-4e51-bc29-71d5b4802168.json | 12 ++++++------
 pre-attack/pre-attack.json | 10 +++++-----
 6 files changed, 35 insertions(+), 35 deletions(-)
diff --git a/enterprise-attack/enterprise-attack.json b/enterprise-attack/enterprise-attack.json
index a09f3089de..683fd1fefb 100644
--- a/enterprise-attack/enterprise-attack.json
+++ b/enterprise-attack/enterprise-attack.json
@@ -136631,7 +136631,7 @@
 {
 "type": "relationship",
 "target_ref": "attack-pattern--43e7dc91-05b2-474c-b9ac-2ed4fe101f4d",
- "description": "###Linux\n\nUtilize Yama to mitigate ptrace based process injection by restricting the use of ptrace to privileged users only. Other mitigation controls involve the deployment of security kernel modules that provide advanced access control and process restrictions such as SELinux, grsecurity, and AppAmour.",
+ "description": "###Linux\n\nUtilize Yama to mitigate ptrace based process injection by restricting the use of ptrace to privileged users only. Other mitigation controls involve the deployment of security kernel modules that provide advanced access control and process restrictions such as SELinux, grsecurity, and AppArmor.",
 "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
 "created": "2019-07-18T17:27:05.291Z",
 "id": "relationship--d3a267b8-2eba-4d97-8b10-0544e36e5fee",
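Review bot: The `description` of `relationship--d3a267b8-2eba-4d97-8b10-0544e36e5fee` changes here, but no `modified` line is touched anywhere in this file: the diffstat for `enterprise-attack/enterprise-attack.json` is 7 insertions and 7 deletions, all accounted for by the two description changes and the marking-definition hunk. STIX consumers that detect updates by comparing `id` plus `modified` will keep the old mitigation text, so the object's `modified` value should be set to the time of this edit. The same applies to the `Process Injection Mitigation` course-of-action in the next hunk. The object continues outside the hunk, so the `modified` property itself is not visible here.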
@@ -150753,7 +150753,7 @@
 {
 "type": "course-of-action",
 "name": "Process Injection Mitigation",
- "description": "This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of operating system design features. For example, mitigating specific Windows API calls will likely have unintended side effects, such as preventing legitimate software (i.e., security products) from operating properly. Efforts should be focused on preventing adversary tools from running earlier in the chain of activity and on identification of subsequent malicious behavior. (Citation: GDSecurity Linux injection)\n\nIdentify or block potentially malicious software that may contain process injection functionality by using whitelisting (Citation: Beechey 2010) tools, like AppLocker, (Citation: Windows Commands JPCERT) (Citation: NSA MS AppLocker) or Software Restriction Policies (Citation: Corio 2008) where appropriate. (Citation: TechNet Applocker vs SRP)\n\nUtilize Yama (Citation: Linux kernel Yama) to mitigate ptrace based process injection by restricting the use of ptrace to privileged users only. Other mitigation controls involve the deployment of security kernel modules that provide advanced access control and process restrictions such as SELinux (Citation: SELinux official), grsecurity (Citation: grsecurity official), and AppAmour (Citation: AppArmor official).",
+ "description": "This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of operating system design features. For example, mitigating specific Windows API calls will likely have unintended side effects, such as preventing legitimate software (i.e., security products) from operating properly. Efforts should be focused on preventing adversary tools from running earlier in the chain of activity and on identification of subsequent malicious behavior. (Citation: GDSecurity Linux injection)\n\nIdentify or block potentially malicious software that may contain process injection functionality by using whitelisting (Citation: Beechey 2010) tools, like AppLocker, (Citation: Windows Commands JPCERT) (Citation: NSA MS AppLocker) or Software Restriction Policies (Citation: Corio 2008) where appropriate. (Citation: TechNet Applocker vs SRP)\n\nUtilize Yama (Citation: Linux kernel Yama) to mitigate ptrace based process injection by restricting the use of ptrace to privileged users only. Other mitigation controls involve the deployment of security kernel modules that provide advanced access control and process restrictions such as SELinux (Citation: SELinux official), grsecurity (Citation: grsecurity official), and Armor (Citation: AppArmor official).",
 "external_references": [
 {
 "external_id": "T1055",
@@ -173579,13 +173579,13 @@
 },
 {
 "type": "marking-definition",
- "definition": {
- "statement": "Copyright 2017, The MITRE Corporation"
- },
+ "id": "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168",
 "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
 "created": "2017-06-01T00:00:00Z",
- "id": "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168",
- "definition_type": "statement"
+ "definition_type": "statement",
+ "definition": {
+ "statement": "Copyright 2015-2020, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation."
+ }
 }
 ]
 }
\ No newline at end of file
diff --git a/enterprise-attack/marking-definition/marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168.json b/enterprise-attack/marking-definition/marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168.json
index 6129ef45ed..58ba7ac5d2 100644
--- a/enterprise-attack/marking-definition/marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168.json
+++ b/enterprise-attack/marking-definition/marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168.json
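Review bot: The new `description` of the `Process Injection Mitigation` course-of-action ends with `and Armor (Citation: AppArmor official).`, so the typo fix dropped the `App` prefix instead of correcting `AppAmour`; the relationship description in the previous hunk was corrected to `AppArmor`. The tail should read `grsecurity (Citation: grsecurity official), and AppArmor (Citation: AppArmor official).` so the Linux security module named in the mitigation matches its citation. If the upstream file already reads `AppArmor` and this is an artifact of how the patch was rendered, no change is needed.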
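Review bot: The `statement` is rewritten while `id` (`marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168`) and `created` stay the same, and STIX 2.0 treats marking-definition objects as unversioned: they carry no `modified` property and are meant to be replaced by a new object rather than edited in place. A consumer that already stored this id has no signal that the copyright text changed, and every object whose `object_marking_refs` points at it silently acquires the new statement. Consider minting a new id, e.g. `"id": "marking-definition--<new-uuid>"` (placeholder), or at least recording the in-place change in the release notes. The same object is edited the same way in the three `marking-definition/` bundle files and in `mobile-attack.json` and `pre-attack.json`; the key reordering in those hunks has no effect on JSON consumers.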
@@ -1,17 +1,17 @@
 {
 "type": "bundle",
- "id": "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168",
+ "id": "bundle--2434d2f8-1824-4225-bc22-527cd0a454cc",
 "spec_version": "2.0",
 "objects": [
 {
 "type": "marking-definition",
- "definition": {
- "statement": "Copyright 2017, The MITRE Corporation"
- },
+ "id": "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168",
 "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
 "created": "2017-06-01T00:00:00Z",
- "id": "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168",
- "definition_type": "statement"
+ "definition_type": "statement",
+ "definition": {
+ "statement": "Copyright 2015-2020, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation."
+ }
 }
 ]
 }
\ No newline at end of file
diff --git a/mobile-attack/marking-definition/marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168.json b/mobile-attack/marking-definition/marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168.json
index 6129ef45ed..58ba7ac5d2 100644
--- a/mobile-attack/marking-definition/marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168.json
+++ b/mobile-attack/marking-definition/marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168.json
@@ -1,17 +1,17 @@
 {
 "type": "bundle",
- "id": "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168",
+ "id": "bundle--2434d2f8-1824-4225-bc22-527cd0a454cc",
 "spec_version": "2.0",
 "objects": [
 {
 "type": "marking-definition",
- "definition": {
- "statement": "Copyright 2017, The MITRE Corporation"
- },
+ "id": "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168",
 "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
 "created": "2017-06-01T00:00:00Z",
- "id": "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168",
- "definition_type": "statement"
+ "definition_type": "statement",
+ "definition": {
+ "statement": "Copyright 2015-2020, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation."
+ }
 }
 ]
 }
\ No newline at end of file
diff --git a/mobile-attack/mobile-attack.json b/mobile-attack/mobile-attack.json
index f9c3111613..83b211756a 100644
--- a/mobile-attack/mobile-attack.json
+++ b/mobile-attack/mobile-attack.json
@@ -15513,13 +15513,13 @@
 },
 {
 "type": "marking-definition",
- "definition": {
- "statement": "Copyright 2017, The MITRE Corporation"
- },
+ "id": "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168",
 "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
 "created": "2017-06-01T00:00:00Z",
- "id": "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168",
- "definition_type": "statement"
+ "definition_type": "statement",
+ "definition": {
+ "statement": "Copyright 2015-2020, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation."
+ }
 }
 ]
 }
\ No newline at end of file
diff --git a/pre-attack/marking-definition/marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168.json b/pre-attack/marking-definition/marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168.json
index 6129ef45ed..58ba7ac5d2 100644
--- a/pre-attack/marking-definition/marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168.json
+++ b/pre-attack/marking-definition/marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168.json
@@ -1,17 +1,17 @@
 {
 "type": "bundle",
- "id": "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168",
+ "id": "bundle--2434d2f8-1824-4225-bc22-527cd0a454cc",
 "spec_version": "2.0",
 "objects": [
 {
 "type": "marking-definition",
- "definition": {
- "statement": "Copyright 2017, The MITRE Corporation"
- },
+ "id": "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168",
 "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
 "created": "2017-06-01T00:00:00Z",
- "id": "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168",
- "definition_type": "statement"
+ "definition_type": "statement",
+ "definition": {
+ "statement": "Copyright 2015-2020, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation."
+ }
 }
 ]
 }
\ No newline at end of file
diff --git a/pre-attack/pre-attack.json b/pre-attack/pre-attack.json
index 73b0263c6d..46821c37df 100644
--- a/pre-attack/pre-attack.json
+++ b/pre-attack/pre-attack.json
@@ -8492,13 +8492,13 @@
 },
 {
 "type": "marking-definition",
- "definition": {
- "statement": "Copyright 2017, The MITRE Corporation"
- },
+ "id": "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168",
 "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
 "created": "2017-06-01T00:00:00Z",
- "id": "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168",
- "definition_type": "statement"
+ "definition_type": "statement",
+ "definition": {
+ "statement": "Copyright 2015-2020, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation."
+ }
 }
 ]
 }
\ No newline at end of file