Jared Ondricek
54 lines
2.3 KiB
JSON
54 lines
2.3 KiB
JSON
{
|
|
"type": "bundle",
|
|
"id": "bundle--2c72f9bc-1b57-4ff1-ac0f-752cf51a4c7d",
|
|
"spec_version": "2.0",
|
|
"objects": [
|
|
{
|
|
"x_mitre_platforms": [
|
|
"Android",
|
|
"iOS"
|
|
],
|
|
"x_mitre_domains": [
|
|
"mobile-attack"
|
|
],
|
|
"object_marking_refs": [
|
|
"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
|
|
],
|
|
"type": "attack-pattern",
|
|
"id": "attack-pattern--62adb627-f647-498e-b4cc-41499361bacb",
|
|
"created": "2017-10-25T14:48:20.727Z",
|
|
"x_mitre_version": "1.0",
|
|
"external_references": [
|
|
{
|
|
"source_name": "mitre-attack",
|
|
"external_id": "T1435",
|
|
"url": "https://attack.mitre.org/techniques/T1435"
|
|
},
|
|
{
|
|
"url": "https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-13.html",
|
|
"source_name": "NIST Mobile Threat Catalogue",
|
|
"external_id": "APP-13"
|
|
}
|
|
],
|
|
"x_mitre_deprecated": false,
|
|
"revoked": true,
|
|
"description": "An adversary could call standard operating system APIs from a malicious application to gather calendar entry data, or with escalated privileges could directly access files containing calendar data.",
|
|
"modified": "2022-04-01T12:50:48.453Z",
|
|
"created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
|
|
"name": "Access Calendar Entries",
|
|
"x_mitre_detection": "On both Android (6.0 and up) and iOS, the user can view which applications have permission to access calendar information through the device settings screen, and the user can choose to revoke the permissions.",
|
|
"kill_chain_phases": [
|
|
{
|
|
"phase_name": "collection",
|
|
"kill_chain_name": "mitre-mobile-attack"
|
|
}
|
|
],
|
|
"x_mitre_is_subtechnique": false,
|
|
"x_mitre_tactic_type": [
|
|
"Post-Adversary Device Access"
|
|
],
|
|
"x_mitre_attack_spec_version": "2.1.0",
|
|
"x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5"
|
|
}
|
|
]
|
|
} |