adam/cti
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d3c54fff01f5ea89cbb78117321efa7b96d85af9
cti/mobile-attack/attack-pattern/attack-pattern--7827ced0-95e7-4d05-bdcf-0d8f2d37a3d3.json
T
Jared Ondricek d3c54fff01 ATT&CK v13.1 Mobile
2023-05-08 18:25:12 -05:00

84 lines
4.3 KiB
JSON
Raw Blame History

{
"type": "bundle",
"id": "bundle--b5d1f2b9-c39f-4461-88b9-709ecc1364b9",
"spec_version": "2.0",
"objects": [
{
"modified": "2023-03-20T15:28:54.940Z",
"name": "Compromise Software Dependencies and Development Tools",
"description": "Adversaries may manipulate products or product delivery mechanisms prior to receipt by a final consumer for the purpose of data or system compromise. Applications often depend on external software to function properly. Popular open source projects that are used as dependencies in many applications may be targeted as a means to add malicious code to users of the dependency.(Citation: Grace-Advertisement)",
"kill_chain_phases": [
{
"kill_chain_name": "mitre-mobile-attack",
"phase_name": "initial-access"
}
],
"x_mitre_deprecated": false,
"x_mitre_detection": "Usage of insecure or malicious third-party libraries could be detected by application vetting services. Malicious software development tools could be detected by enterprises that deploy endpoint protection software on computers that are used to develop mobile apps. Application vetting could detect the usage of insecure or malicious third-party libraries.",
"x_mitre_domains": [
"mobile-attack"
],
"x_mitre_is_subtechnique": true,
"x_mitre_platforms": [
"Android",
"iOS"
],
"x_mitre_version": "1.1",
"x_mitre_tactic_type": [
"Post-Adversary Device Access"
],
"type": "attack-pattern",
"id": "attack-pattern--7827ced0-95e7-4d05-bdcf-0d8f2d37a3d3",
"created": "2022-03-28T19:31:51.978Z",
"created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
"revoked": false,
"external_references": [
{
"source_name": "mitre-attack",
"url": "https://attack.mitre.org/techniques/T1474/001",
"external_id": "T1474.001"
},
{
"source_name": "Grace-Advertisement",
"description": "M. Grace et al. (2012, April 16-18). Unsafe exposure analysis of mobile in-app advertisements. Retrieved December 22, 2016.",
"url": "https://www.csc2.ncsu.edu/faculty/xjiang4/pubs/WISEC12_ADRISK.pdf"
},
{
"source_name": "NIST Mobile Threat Catalogue",
"url": "https://pages.nist.gov/mobile-threat-catalogue/application-threats/APP-6.html",
"external_id": "APP-6"
},
{
"source_name": "NIST Mobile Threat Catalogue",
"url": "https://pages.nist.gov/mobile-threat-catalogue/supply-chain-threats/SPC-0.html",
"external_id": "SPC-0"
},
{
"source_name": "NIST Mobile Threat Catalogue",
"url": "https://pages.nist.gov/mobile-threat-catalogue/supply-chain-threats/SPC-3.html",
"external_id": "SPC-3"
},
{
"source_name": "NIST Mobile Threat Catalogue",
"url": "https://pages.nist.gov/mobile-threat-catalogue/supply-chain-threats/SPC-9.html",
"external_id": "SPC-9"
},
{
"source_name": "NIST Mobile Threat Catalogue",
"url": "https://pages.nist.gov/mobile-threat-catalogue/supply-chain-threats/SPC-10.html",
"external_id": "SPC-10"
},
{
"source_name": "NIST Mobile Threat Catalogue",
"url": "https://pages.nist.gov/mobile-threat-catalogue/supply-chain-threats/SPC-15.html",
"external_id": "SPC-15"
}
],
"object_marking_refs": [
"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
],
"x_mitre_attack_spec_version": "3.1.0",
"x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5"
}
]
}
Reference in New Issue View Git Blame Copy Permalink