ATT&CK v17.1 Mobile

2025-05-06 07:57:26 -05:00
parent a9e4017a32
commit dde9f3be57
2148 changed files with 63317 additions and 3180 deletions
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--0d0f6000-33a2-43cd-8f60-af4993750de3",
+    "id": "bundle--51a96195-406c-4369-85b1-c01bacd1299c",
    "spec_version": "2.0",
    "objects": [
        {
@@ -28,7 +28,7 @@
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
-            "modified": "2025-04-16T21:21:43.650Z",
+            "modified": "2025-04-25T15:16:26.617Z",
            "name": "Scheduled Task/Job",
            "description": "Adversaries may abuse task scheduling functionality to facilitate initial or recurring execution of malicious code. On Android and iOS, APIs and libraries exist to facilitate scheduling tasks to execute at a specified date, time, or interval.\n\nOn Android, the `WorkManager` API allows asynchronous tasks to be scheduled with the system. `WorkManager` was introduced to unify task scheduling on Android, using `JobScheduler`, `GcmNetworkManager`, and `AlarmManager` internally. `WorkManager` offers a lot of flexibility for scheduling, including periodically, one time, or constraint-based (e.g. only when the device is charging).(Citation: Android WorkManager)\n\nOn iOS, the `NSBackgroundActivityScheduler` API allows asynchronous tasks to be scheduled with the system. The tasks can be scheduled to be repeating or non-repeating, however, the system chooses when the tasks will be executed. The app can choose the interval for repeating tasks, or the delay between scheduling and execution for one-time tasks.(Citation: Apple NSBackgroundActivityScheduler)",
            "kill_chain_phases": [
@@ -45,10 +45,12 @@
            "x_mitre_contributors": [
                "Lorin Wu, Trend Micro"
            ],
+            "x_mitre_deprecated": false,
            "x_mitre_detection": "Scheduling tasks/jobs can be difficult to detect, and therefore enterprises may be better served focusing on detection at other stages of adversarial behavior.",
            "x_mitre_domains": [
                "mobile-attack"
            ],
+            "x_mitre_is_subtechnique": false,
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "x_mitre_platforms": [
                "Android",
@@ -57,8 +59,7 @@
            "x_mitre_version": "1.0",
            "x_mitre_tactic_type": [
                "Post-Adversary Device Access"
-            ],
-            "x_mitre_is_subtechnique": false
+            ]
        }
    ]
 }
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--9ca332c2-cd2f-4c3d-9bc3-677cf71eb866",
+    "id": "bundle--f3f6b6d5-b99c-4576-9c4f-3cbd225a053b",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--a35e2ae9-c7fc-48ba-a149-90450f599242",
+    "id": "bundle--d0e94233-4538-442d-9d99-92af56f6524a",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--319009de-ab53-4120-aa89-bf1ffa3ab203",
+    "id": "bundle--e043a6b9-15b4-4fe8-951b-d5934fe56303",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--24677a20-cd8d-4936-b717-9832ffdba5ce",
+    "id": "bundle--77d954ea-653a-4932-aac5-d2044d08d3a3",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--05defcc7-541a-457c-8b24-6fee602298a5",
+    "id": "bundle--aa214418-46bf-4be8-b565-54ad0ee7f363",
    "spec_version": "2.0",
    "objects": [
        {
@@ -18,7 +18,7 @@
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
-            "modified": "2025-04-18T18:00:35.774Z",
+            "modified": "2025-04-25T15:16:27.255Z",
            "name": "Malicious SMS Message",
            "description": "Test",
            "kill_chain_phases": [
@@ -28,9 +28,11 @@
                }
            ],
            "x_mitre_attack_spec_version": "3.2.0",
+            "x_mitre_deprecated": false,
            "x_mitre_domains": [
                "mobile-attack"
            ],
+            "x_mitre_is_subtechnique": false,
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "x_mitre_platforms": [
                "Android"
@@ -38,8 +40,7 @@
            "x_mitre_version": "1.0",
            "x_mitre_tactic_type": [
                "Post-Adversary Device Access"
-            ],
-            "x_mitre_is_subtechnique": false
+            ]
        }
    ]
 }
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--eb3f274a-6bd1-4c9b-b20a-9f38b53a77c1",
+    "id": "bundle--3ca9a3de-a447-45b9-8400-9e89dfd738d8",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--0be577ec-668d-4129-a481-8180ac5620e1",
+    "id": "bundle--99273979-078d-4af5-b126-0fd4372344d2",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--aba87f82-0adc-4fa2-9c9c-41c1304e2f37",
+    "id": "bundle--3df9eb2c-e7ee-47cb-bd69-3d15fbd3af9a",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--41cf81a6-1397-43c2-9d0b-e3a1b2a856d2",
+    "id": "bundle--c2c492c1-455c-44e9-af82-a3bf6dac2de2",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--911a3021-1e24-4941-92f8-9a027bafb7e7",
+    "id": "bundle--adc93276-f8ed-4489-8872-106a9e1b373a",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--c0e78d56-417d-4296-86e9-3385fa826004",
+    "id": "bundle--a5d36ffd-ecab-4480-9695-e322c558dffa",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--d57376a9-1f73-4f95-b03a-1c867d52222e",
+    "id": "bundle--50571c48-f515-43aa-b52e-007f00dda6d6",
    "spec_version": "2.0",
    "objects": [
        {
@@ -18,15 +18,16 @@
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
-            "modified": "2025-04-18T18:00:36.173Z",
+            "modified": "2025-04-25T15:16:27.908Z",
            "name": "Insecure Third-Party Libraries",
            "x_mitre_attack_spec_version": "3.2.0",
+            "x_mitre_deprecated": false,
            "x_mitre_domains": [
                "mobile-attack"
            ],
+            "x_mitre_is_subtechnique": false,
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
-            "x_mitre_version": "1.0",
-            "x_mitre_is_subtechnique": false
+            "x_mitre_version": "1.0"
        }
    ]
 }
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--e9f462f7-7377-4315-ad67-685254b26252",
+    "id": "bundle--26e4e6c3-04cb-40b9-b6ed-64a828067933",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--246936b1-ca74-4558-8e63-27b602ab9ff3",
+    "id": "bundle--89f6c519-547d-47ce-a924-6562bd169979",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--80fe1b07-d6eb-457d-b3f6-6ea67bfddb7c",
+    "id": "bundle--8e1fec25-02ea-41dd-be98-ff618681a31e",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--6bc76949-78c9-4b35-afd8-d46f7f62e3a1",
+    "id": "bundle--29f55549-32db-4659-9a54-f21b414ff1aa",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--70300224-407f-4193-915a-beefc130f8fe",
+    "id": "bundle--2de73dd6-ad1a-443c-aba5-c08a68e8f3ac",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--7fd6027d-42e3-49fd-8841-e3faf52fc4da",
+    "id": "bundle--e0377146-02bd-4b0f-b90e-38265c5d9109",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--19e51447-ec0c-4047-a382-a0fbb12e723a",
+    "id": "bundle--b6e27845-b51c-4cae-9ed2-8651f62bd8e5",
    "spec_version": "2.0",
    "objects": [
        {
@@ -18,15 +18,16 @@
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
-            "modified": "2025-04-18T18:00:36.344Z",
+            "modified": "2025-04-25T15:16:28.664Z",
            "name": "App Delivered via Email Attachment",
            "x_mitre_attack_spec_version": "3.2.0",
+            "x_mitre_deprecated": false,
            "x_mitre_domains": [
                "mobile-attack"
            ],
+            "x_mitre_is_subtechnique": false,
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
-            "x_mitre_version": "1.0",
-            "x_mitre_is_subtechnique": false
+            "x_mitre_version": "1.0"
        }
    ]
 }
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--bc0d9753-bbb1-4b7d-b7df-dfac6dba77bf",
+    "id": "bundle--3cc5bf47-9c83-41a3-aa37-13f49804224f",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--fdb19e52-365c-480b-b983-4534e191a334",
+    "id": "bundle--8553cd28-71aa-4cd6-8196-8c2966818f40",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--3468609f-1e41-4bed-97bb-8a11e90ff29e",
+    "id": "bundle--26d8a0c3-fd0e-45f1-b974-95ea8771094d",
    "spec_version": "2.0",
    "objects": [
        {
@@ -33,7 +33,7 @@
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
-            "modified": "2025-04-18T18:00:36.575Z",
+            "modified": "2025-04-25T15:16:29.002Z",
            "name": "Abuse Accessibility Features",
            "description": "**This technique has been deprecated. Please use [Input Capture](https://attack.mitre.org/techniques/T1417), [Input Injection](https://attack.mitre.org/techniques/T1516), and [Input Prompt](https://attack.mitre.org/techniques/T1411) where appropriate.**\n\nA malicious app could abuse Android's accessibility features to capture sensitive data or perform other malicious actions.(Citation: Skycure-Accessibility)\n\nAdversaries may abuse accessibility features on Android to emulate a user's clicks, for example to steal money from a user's bank account.(Citation: android-trojan-steals-paypal-2fa)(Citation: banking-trojans-google-play)\n\nAdversaries may abuse accessibility features on Android devices to evade defenses by repeatedly clicking the \"Back\" button when a targeted app manager or mobile security app is launched, or when strings suggesting uninstallation are detected in the foreground. This effectively prevents the malicious application from being uninstalled.(Citation: android-trojan-steals-paypal-2fa)",
            "kill_chain_phases": [
@@ -62,6 +62,7 @@
            "x_mitre_domains": [
                "mobile-attack"
            ],
+            "x_mitre_is_subtechnique": false,
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "x_mitre_platforms": [
                "Android"
@@ -69,8 +70,7 @@
            "x_mitre_version": "2.0",
            "x_mitre_tactic_type": [
                "Post-Adversary Device Access"
-            ],
-            "x_mitre_is_subtechnique": false
+            ]
        }
    ]
 }
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--da3675da-431c-4d03-8d2f-72106b6e3f29",
+    "id": "bundle--a7850175-b3f4-4b53-8992-c7fb2b044c75",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--41eedc82-38b8-4abf-9d7c-1ae9cb2e15b6",
+    "id": "bundle--99d1e0b1-0995-4e6c-a94d-be66ff9054c9",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--96db2d00-6c4e-45ac-acae-06ca05ae2f37",
+    "id": "bundle--abdc4627-4311-40b1-a845-a16de74c9183",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--30cd5c77-bc01-4e5a-ac30-e80c9da25dd1",
+    "id": "bundle--18801b39-2dc8-4678-a737-33b1d0f1c61b",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--fb9f5d9c-2779-4f15-92ad-67fac8a9b77c",
+    "id": "bundle--b4f27fd0-8e9e-46fc-b5fd-f10e0a8f163f",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--ca8ec70c-19ea-4a0f-88ec-4b23f41838dc",
+    "id": "bundle--c6dd63a2-b13a-4a7f-8760-068b3f4471aa",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--2981fdd6-aaf1-4fe8-8a8d-d1029a9f9abe",
+    "id": "bundle--4fac8897-9ac0-4c1b-af67-fcde00b5e9ad",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--880dbb99-94fa-4a2c-878c-d50a00fda70d",
+    "id": "bundle--03cf9378-9d70-4a3b-a9cc-2abb5ce1d4c2",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--8cd7ccb9-2608-474d-a73a-58be2f5d4d10",
+    "id": "bundle--64b02827-1e1c-4f6f-804d-e6c9628ca99b",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--11429b7c-ed98-4550-b890-9ebfe23bec19",
+    "id": "bundle--5c23d7ae-0a99-4630-b606-b7266799a1cc",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--1c5ab43a-9f3b-4f5e-b8f6-323b3d30b173",
+    "id": "bundle--df20b58f-cb0a-484b-b305-a3f37e074c9a",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--a59160ce-1bad-4bcc-856a-0ee5b4821de8",
+    "id": "bundle--6515534f-9326-4710-b557-4f7940d989bb",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--03b1cb59-63c1-4f50-8c8d-9e0ff07b4dc9",
+    "id": "bundle--b6a50b72-a5b5-41f7-9768-7f7f8e725343",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--ba2a9c39-8cbb-41dc-af78-4f5e3a4e9dfa",
+    "id": "bundle--df7965a0-1293-4662-ab94-273f162cd519",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--2ac6cdfc-1fdb-4225-93be-07b302cfe51d",
+    "id": "bundle--6cf398ba-ecc9-408d-ad3d-854a3cff4a8e",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--32463bfc-b0ca-4ab6-892f-3421834e5e22",
+    "id": "bundle--bc308658-9036-4234-86a0-930fd3b9e6df",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--ff0749f3-8dcf-4c32-ab68-f4331c2a3d2e",
+    "id": "bundle--7cdd5187-af1f-46b2-a861-02b5227c5c72",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--ac194626-1d9b-489e-8182-9486c70e6ac4",
+    "id": "bundle--dafcdebb-aaf2-4d1c-9ab4-a71896a3ec57",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--58e157f5-0243-422e-ad88-fe4b12aab2b0",
+    "id": "bundle--9272923c-83da-466d-9017-e8bb40cc988c",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--6010290f-60c7-459d-b18d-f870ec1a7e87",
+    "id": "bundle--445b9d16-a5b4-4243-9bba-c07904283858",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--ff758a08-d30e-430a-8422-7cc1770279de",
+    "id": "bundle--5928e5f8-123e-44fc-9e3a-8f42b9c7e084",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--801ff31e-b7da-4c9c-95a6-d9662d301807",
+    "id": "bundle--6ff6943f-8dcf-4fcc-aff0-3587b193a572",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--e34244d0-c9fd-4b50-979b-4e2b2cc47f5f",
+    "id": "bundle--d2a179d1-6f52-4bbe-b3ae-f288566947ac",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--bf5c9fd3-021f-45ef-af5e-fd80bbbc69b6",
+    "id": "bundle--74780307-e80d-4d62-b037-ba04200193f1",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--13220d8b-5014-47ba-8f2b-041fb24e69e1",
+    "id": "bundle--e771c16c-894a-440d-8334-f9c6ce23b3dc",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--edcf348b-2f3a-4963-8a55-68b1bd183f43",
+    "id": "bundle--28928059-16cd-4742-92be-f2573cdde669",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--c60cf8a5-1355-4359-a400-42832b8637c3",
+    "id": "bundle--06f060a1-6b02-42b4-b5f4-c8628256fb58",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--4a0d048c-4452-4c6a-8c8a-a070f5e671e1",
+    "id": "bundle--a71497c1-c70c-48c3-910a-37476d9fd463",
    "spec_version": "2.0",
    "objects": [
        {
@@ -18,15 +18,16 @@
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
-            "modified": "2025-04-18T18:00:38.220Z",
+            "modified": "2025-04-25T15:16:31.363Z",
            "name": "Biometric Spoofing",
            "x_mitre_attack_spec_version": "3.2.0",
+            "x_mitre_deprecated": false,
            "x_mitre_domains": [
                "mobile-attack"
            ],
+            "x_mitre_is_subtechnique": false,
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
-            "x_mitre_version": "1.0",
-            "x_mitre_is_subtechnique": false
+            "x_mitre_version": "1.0"
        }
    ]
 }
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--32156167-e9fd-48de-8656-47185541511c",
+    "id": "bundle--2d3cd22d-7f78-407c-b3bb-848ee83b8b04",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--84c0a7fd-2a30-480c-837d-4f8c3cba910d",
+    "id": "bundle--8bd2af86-122b-4eca-b874-c4003f660508",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--3c8a808b-8df0-46ad-930b-2de90920d5f4",
+    "id": "bundle--547c7c95-8f62-4eda-b789-3fd0c152705e",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--f568750c-1a30-40ce-9719-c33f0b4abf16",
+    "id": "bundle--eb740bb7-d12b-4941-bf62-5d34724533c7",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--322a381b-60fe-416c-806b-236c83aeb599",
+    "id": "bundle--a6490d85-fe67-44f8-bd9e-48b7b5313112",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--d06eee4f-9803-4d9c-94b8-497feacfa8c9",
+    "id": "bundle--98be12df-3041-4690-9b8a-337958c52e73",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--23679af4-2b9b-4787-a4fd-0e8a4664793e",
+    "id": "bundle--8b653007-23b7-4c60-86c6-0d72c76092f0",
    "spec_version": "2.0",
    "objects": [
        {
@@ -18,15 +18,16 @@
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
-            "modified": "2025-04-18T18:00:38.597Z",
+            "modified": "2025-04-25T15:16:31.975Z",
            "name": "Abuse of iOS Enterprise App Signing Key",
            "x_mitre_attack_spec_version": "3.2.0",
+            "x_mitre_deprecated": false,
            "x_mitre_domains": [
                "mobile-attack"
            ],
+            "x_mitre_is_subtechnique": false,
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
-            "x_mitre_version": "1.0",
-            "x_mitre_is_subtechnique": false
+            "x_mitre_version": "1.0"
        }
    ]
 }
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--1ccfe1d4-ac35-4831-9c1e-ef1ff0b85b9a",
+    "id": "bundle--e4b93ea2-e2cb-47c6-aad5-58d43162b28f",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--831d6ef3-5b36-4ee0-9ff2-ba56effc5d10",
+    "id": "bundle--f20493ba-b7c2-4148-961f-01eb07b552a3",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--4b2cd5bb-97b0-48e7-acf6-4382ab2284b4",
+    "id": "bundle--e1c2ae7e-210d-41cb-9c15-dec6606b8deb",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--e41425ab-bd82-4c29-8111-3b06c053d143",
+    "id": "bundle--36f50c52-0d11-4d92-900e-189d3c79f825",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--5f8bfdf2-2ebe-4453-b74e-3ca49aa1c654",
+    "id": "bundle--ed36c0fe-5cd1-4a15-a81c-79bcbaf04e65",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--16a609e2-ded6-4c0f-8a93-2ec27b302175",
+    "id": "bundle--626bc01d-e5aa-4d1c-b541-a1afc17a8516",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--5088bebd-23aa-41e3-be87-aef1eb6c0427",
+    "id": "bundle--b45b3611-a6aa-4008-bc7e-6b4793fbd572",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--5ca121a0-aec7-42e9-b7f1-7587a176fb33",
+    "id": "bundle--4af84028-d61c-4fa4-8e36-4bdbc6332e9a",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--2c26cd51-864f-4197-add4-e996f6531869",
+    "id": "bundle--f829fd71-7540-4195-838d-36f61bc5be6b",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--f9f6d501-8135-46a9-8192-ea45747fa227",
+    "id": "bundle--22827c75-2dcc-4329-b1cc-56d65aaba2e1",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--7150540d-2e6e-49c4-966a-0dc198108223",
+    "id": "bundle--e2caa661-a90a-45ad-9dc3-aa245521c6cd",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--b14e2bfb-4f92-42ce-b316-02b7600cda0e",
+    "id": "bundle--270fb82b-25ae-4f2e-a536-b8bd5b4e82b3",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--53486e99-b39f-4633-b59e-453ff20467ab",
+    "id": "bundle--26defdc0-ed68-4f65-bb43-8f65195cab51",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--59515f24-6a8a-42a6-a7fc-7269e340bc1c",
+    "id": "bundle--2ea3465b-af85-4725-9aa5-d8310be15491",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--3c54eb13-1b92-4c0b-aed1-cb26e4215d4a",
+    "id": "bundle--5dd72193-51c9-4e8a-b030-addc61dcd580",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--548e0c3d-9e22-4ae9-95c1-7f4959e4cfcf",
+    "id": "bundle--b3323d7f-827c-464c-826f-9841055c1cb7",
    "spec_version": "2.0",
    "objects": [
        {
@@ -18,15 +18,16 @@
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
-            "modified": "2025-04-18T18:00:39.890Z",
+            "modified": "2025-04-25T15:16:33.241Z",
            "name": "App Delivered via Web Download",
            "x_mitre_attack_spec_version": "3.2.0",
+            "x_mitre_deprecated": false,
            "x_mitre_domains": [
                "mobile-attack"
            ],
+            "x_mitre_is_subtechnique": false,
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
-            "x_mitre_version": "1.0",
-            "x_mitre_is_subtechnique": false
+            "x_mitre_version": "1.0"
        }
    ]
 }
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--d973d752-e7fa-488a-8568-85589b530442",
+    "id": "bundle--8ba3ad66-ae7b-44c3-adfe-f82837c20edf",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--9a216a7e-ccfb-4b3f-bd94-befa3a97cbed",
+    "id": "bundle--0aaebd1c-24b3-46c5-8e33-848e27a04c57",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--b4a4099a-eebc-4676-94fa-111834f123f0",
+    "id": "bundle--de2098e6-345f-4e9d-b0c6-21b3038c0d38",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--b7b250f1-78ed-475d-9528-3b04a853b6c2",
+    "id": "bundle--42678bc9-e967-4f0c-b4b9-f5adfd8490c7",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--f4b79e24-701d-4a0d-99a1-f56072d91e1e",
+    "id": "bundle--3d3a7350-46ba-4001-b07f-ae955bd93500",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--7ff01197-d22e-4d03-a9d8-09e0b5299e36",
+    "id": "bundle--4aa3e2a8-1b92-4a2d-a510-ee135404fe90",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--78180956-bfa1-4e35-93b8-4bf999a3105d",
+    "id": "bundle--fdcc9c51-12ff-4ad9-a273-54810172dbb2",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--c487eb0a-2235-43a1-9a1b-3dcd269c876a",
+    "id": "bundle--3b6fb890-7064-4a40-a8d9-ac9972464cf2",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--af0abec5-49cb-477e-8223-d24347efe826",
+    "id": "bundle--b16a5920-70df-4b41-a74c-2a6c0ee2575a",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--971d75f8-c31a-478a-8a13-7c9bc2080daf",
+    "id": "bundle--b3e3076d-b1aa-4d94-9bda-05d13415d3a3",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--22f7a97b-3c73-44b4-b17d-fc60d367b5e5",
+    "id": "bundle--a354456d-3bb6-45d4-a891-26b40099dfb6",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--500561f6-ebf9-4202-8976-15e0957a1ad9",
+    "id": "bundle--28b007c1-baf5-48c0-9277-7baf4137ec3d",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--325c0ff5-2473-4de8-abeb-865c627cae6d",
+    "id": "bundle--2c93a62b-eb19-42ef-8ca8-363cf5f1650b",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--04ecab8d-7222-42cd-95ed-9ea9c747b184",
+    "id": "bundle--4bf73163-5833-43c2-be27-ebcaf9fb8ad7",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--7273618d-a2e2-4834-9e9b-066b2539b671",
+    "id": "bundle--a6884553-de00-4097-9ff7-db97a8f4aeba",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--53eab7ee-29a7-4bfd-b476-8afd8efdc339",
+    "id": "bundle--e7eb4153-4b97-44e9-87c6-bd774063b36e",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--0f6bd01b-554b-4fd0-870d-67f153458be5",
+    "id": "bundle--e93e3d02-09f0-46a9-a14f-00ae03b0e9b6",
    "spec_version": "2.0",
    "objects": [
        {
@@ -18,15 +18,16 @@
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
-            "modified": "2025-04-18T18:00:41.398Z",
+            "modified": "2025-04-25T15:16:34.865Z",
            "name": "Remotely Install Application",
            "x_mitre_attack_spec_version": "3.2.0",
+            "x_mitre_deprecated": false,
            "x_mitre_domains": [
                "mobile-attack"
            ],
+            "x_mitre_is_subtechnique": false,
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
-            "x_mitre_version": "1.0",
-            "x_mitre_is_subtechnique": false
+            "x_mitre_version": "1.0"
        }
    ]
 }
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--af976b4d-7055-4c61-9fbe-8d469acdb89a",
+    "id": "bundle--da76e67c-85e4-4a3c-86da-1c86477388a4",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--938a2ae5-b3c8-4f8d-aba5-d20f470524ba",
+    "id": "bundle--39870a39-c71a-4e5b-82d0-5975cb6de826",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--f0e31577-1d56-4347-8d5a-3e9a0e0a73ef",
+    "id": "bundle--0a5b0f71-5edf-4b58-81c9-6264622ddcab",
    "spec_version": "2.0",
    "objects": [
        {
@@ -24,7 +24,7 @@
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
-            "modified": "2025-04-18T18:00:41.755Z",
+            "modified": "2025-04-25T15:16:35.161Z",
            "name": "Device Type Discovery",
            "description": "On Android, device type information is accessible to apps through the android.os.Build class (Citation: Android-Build). Device information could be used to target privilege escalation exploits.",
            "kill_chain_phases": [
@@ -34,9 +34,11 @@
                }
            ],
            "x_mitre_attack_spec_version": "3.2.0",
+            "x_mitre_deprecated": false,
            "x_mitre_domains": [
                "mobile-attack"
            ],
+            "x_mitre_is_subtechnique": false,
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "x_mitre_platforms": [
                "Android"
@@ -44,8 +46,7 @@
            "x_mitre_version": "1.0",
            "x_mitre_tactic_type": [
                "Post-Adversary Device Access"
-            ],
-            "x_mitre_is_subtechnique": false
+            ]
        }
    ]
 }
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--e5fbfdb8-300f-4a35-ac00-a3accadfc5ab",
+    "id": "bundle--633bb0be-97c9-43a9-b510-9e6f2c895771",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--531b0c5b-e691-465d-b95e-cab08ad0190f",
+    "id": "bundle--50ddefc8-2d88-4e13-b9c0-88af58374599",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--8df88027-42c8-4525-99a6-daa3580b6884",
+    "id": "bundle--37590a4c-37a7-4697-8d9a-4df456689bd7",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--7c8965b2-ef66-446c-8fe2-cf7a462d2b0b",
+    "id": "bundle--39db7a82-84cc-4025-ba7f-193d597aff27",
    "spec_version": "2.0",
    "objects": [
        {
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--a699e18d-56f2-4d44-bf18-17683a0e7c76",
+    "id": "bundle--26fafe60-9f4b-4026-8c61-71f5d77c5825",
    "spec_version": "2.0",
    "objects": [
        {
@@ -44,7 +44,7 @@
            "object_marking_refs": [
                "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
            ],
-            "modified": "2025-04-18T18:00:42.505Z",
+            "modified": "2025-04-25T15:16:35.896Z",
            "name": "URL Scheme Hijacking",
            "description": "An iOS application may be able to maliciously claim a URL scheme, allowing it to intercept calls that are meant for a different application(Citation: FireEye-Masque2)(Citation: Dhanjani-URLScheme). This technique, for example, could be used to capture OAuth authorization codes(Citation: IETF-PKCE) or to phish user credentials(Citation: MobileIron-XARA).",
            "kill_chain_phases": [
@@ -54,9 +54,11 @@
                }
            ],
            "x_mitre_attack_spec_version": "3.2.0",
+            "x_mitre_deprecated": false,
            "x_mitre_domains": [
                "mobile-attack"
            ],
+            "x_mitre_is_subtechnique": false,
            "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
            "x_mitre_platforms": [
                "iOS"
@@ -64,8 +66,7 @@
            "x_mitre_version": "1.1",
            "x_mitre_tactic_type": [
                "Post-Adversary Device Access"
-            ],
-            "x_mitre_is_subtechnique": false
+            ]
        }
    ]
 }
@@ -1,6 +1,6 @@
 {
    "type": "bundle",
-    "id": "bundle--cf376e14-a309-4a98-b75a-bace4aa924f7",
+    "id": "bundle--cf5d48c8-1f44-48b4-9a05-31b1650a24e5",
    "spec_version": "2.0",
    "objects": [
        {
--- a/Show More
+++ b/Show More