From 04accabaabea7b7307e1f687d6c0a39e6d136a80 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Wed, 20 Mar 2019 12:37:38 +0100 Subject: [PATCH] chg: [mitre att&ck] updated with new version --- clusters/mitre-course-of-action.json | 4 +- ...re-enterprise-attack-course-of-action.json | 4 +- clusters/mitre-intrusion-set.json | 4 +- clusters/mitre-malware.json | 4 +- .../mitre-mobile-attack-attack-pattern.json | 139 ++++++++++++++++- .../mitre-mobile-attack-course-of-action.json | 60 +++++++- clusters/mitre-mobile-attack-malware.json | 144 +++++++++++++++++- clusters/mitre-pre-attack-attack-pattern.json | 46 +++++- clusters/mitre-pre-attack-intrusion-set.json | 25 ++- clusters/mitre-tool.json | 4 +- 10 files changed, 414 insertions(+), 20 deletions(-) diff --git a/clusters/mitre-course-of-action.json b/clusters/mitre-course-of-action.json index a625231..70db0ec 100644 --- a/clusters/mitre-course-of-action.json +++ b/clusters/mitre-course-of-action.json @@ -5951,5 +5951,5 @@ "value": "Attestation - M1002" } ], - "version": 9 -} + "version": 10 +} \ No newline at end of file diff --git a/clusters/mitre-enterprise-attack-course-of-action.json b/clusters/mitre-enterprise-attack-course-of-action.json index 1057876..7c14e0b 100644 --- a/clusters/mitre-enterprise-attack-course-of-action.json +++ b/clusters/mitre-enterprise-attack-course-of-action.json @@ -3665,5 +3665,5 @@ "value": "Security Software Discovery Mitigation - T1063" } ], - "version": 5 -} + "version": 6 +} \ No newline at end of file diff --git a/clusters/mitre-intrusion-set.json b/clusters/mitre-intrusion-set.json index 6453d0d..6eca44e 100644 --- a/clusters/mitre-intrusion-set.json +++ b/clusters/mitre-intrusion-set.json @@ -11171,5 +11171,5 @@ "value": "DarkHydrus - G0079" } ], - "version": 12 -} + "version": 13 +} \ No newline at end of file diff --git a/clusters/mitre-malware.json b/clusters/mitre-malware.json index 9ab327a..5667496 100644 --- a/clusters/mitre-malware.json +++ b/clusters/mitre-malware.json @@ -22878,5 +22878,5 @@ "value": "NotCompatible - S0299" } ], - "version": 11 -} + "version": 12 +} \ No newline at end of file diff --git a/clusters/mitre-mobile-attack-attack-pattern.json b/clusters/mitre-mobile-attack-attack-pattern.json index a7fbc97..75a7aba 100644 --- a/clusters/mitre-mobile-attack-attack-pattern.json +++ b/clusters/mitre-mobile-attack-attack-pattern.json @@ -26,6 +26,15 @@ "https://srlabs.de/bites/rooting-sim-cards/" ] }, + "related": [ + { + "dest-uuid": "2d646840-f6f5-4619-a5a8-29c8316bbac5", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "revoked-by" + } + ], "uuid": "0bcc4ec1-a897-49a9-a9ff-c00df1d1209d", "value": "Malicious SMS Message - MOB-T1057" }, @@ -330,6 +339,15 @@ "https://www.usenix.org/conference/usenixsecurity13/technical-sessions/presentation/wang%20tielei" ] }, + "related": [ + { + "dest-uuid": "d9db3d46-66ca-44b4-9daa-1ef97cb7465a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "revoked-by" + } + ], "uuid": "b765efd1-02e6-4e67-aebf-0fef5c37e54b", "value": "Detect App Analysis Environment - MOB-T1043" }, @@ -368,6 +386,15 @@ "https://jon.oberheide.org/files/summercon12-bouncer.pdf" ] }, + "related": [ + { + "dest-uuid": "d9db3d46-66ca-44b4-9daa-1ef97cb7465a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "revoked-by" + } + ], "uuid": "e30cc912-7ea1-4683-9219-543b86cbdec9", "value": "Fake Developer Accounts - MOB-T1045" }, @@ -388,6 +415,15 @@ "https://blog.zimperium.com/experts-found-a-unicorn-in-the-heart-of-android/" ] }, + "related": [ + { + "dest-uuid": "fd339382-bfec-4bf0-8d47-1caedc9e7e57", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "revoked-by" + } + ], "uuid": "a9cab8f6-4c94-4c9b-9e7d-9d863ff53431", "value": "Malicious Media Content - MOB-T1060" }, @@ -408,6 +444,15 @@ "https://pages.nist.gov/mobile-threat-catalogue/ecosystem-threats/ECO-13.html" ] }, + "related": [ + { + "dest-uuid": "53263a67-075e-48fa-974b-91c5b5445db7", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "revoked-by" + } + ], "uuid": "1f96d624-8409-4472-ad8a-30618ee6b2e2", "value": "App Delivered via Email Attachment - MOB-T1037" }, @@ -500,6 +545,15 @@ "https://attack.mitre.org/mobile/index.php/Technique/MOB-T1076" ] }, + "related": [ + { + "dest-uuid": "0d95940f-9583-4e0f-824c-a42c1be47fad", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "revoked-by" + } + ], "uuid": "f9e4f526-ac9d-4df5-8949-833a82a1d2df", "value": "Malicious or Vulnerable Built-in Device Functionality - MOB-T1076" }, @@ -568,6 +622,15 @@ "https://www.usenix.org/system/files/conference/woot12/woot12-final24.pdf" ] }, + "related": [ + { + "dest-uuid": "2d646840-f6f5-4619-a5a8-29c8316bbac5", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "revoked-by" + } + ], "uuid": "c91c304a-975d-4501-9789-0db1c57afd3f", "value": "Exploit Baseband Vulnerability - MOB-T1058" }, @@ -624,6 +687,15 @@ "https://pages.nist.gov/mobile-threat-catalogue/ecosystem-threats/ECO-21.html" ] }, + "related": [ + { + "dest-uuid": "53263a67-075e-48fa-974b-91c5b5445db7", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "revoked-by" + } + ], "uuid": "6b846ad0-cc20-4db6-aa34-91561397c5e2", "value": "App Delivered via Web Download - MOB-T1034" }, @@ -680,6 +752,15 @@ "http://www.slideshare.net/Shakacon/fruit-vs-zombies-defeat-nonjailbroken-ios-malware-by-claud-xiao" ] }, + "related": [ + { + "dest-uuid": "53263a67-075e-48fa-974b-91c5b5445db7", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "revoked-by" + } + ], "uuid": "51aedbd6-2837-4d15-aeb0-cb09f2bf22ac", "value": "Abuse of iOS Enterprise App Signing Key - MOB-T1048" }, @@ -756,6 +837,15 @@ "http://www.popsci.com/box-can-figure-out-your-4-digit-iphone-passcode" ] }, + "related": [ + { + "dest-uuid": "dfe29258-ce59-421c-9dee-e85cb9fa90cd", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "revoked-by" + } + ], "uuid": "f296fc9c-2ff5-43ee-941e-6b49c438270a", "value": "Device Unlock Code Guessing or Brute Force - MOB-T1062" }, @@ -840,6 +930,15 @@ "https://support.apple.com/en-us/HT204587" ] }, + "related": [ + { + "dest-uuid": "dfe29258-ce59-421c-9dee-e85cb9fa90cd", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "revoked-by" + } + ], "uuid": "45dcbc83-4abc-4de1-b643-e528d1e9df09", "value": "Biometric Spoofing - MOB-T1063" }, @@ -924,6 +1023,15 @@ "http://www.infoworld.com/article/2854963/mobile-development/how-to-keep-your-app-store-dev-account-from-being-hijacked.html" ] }, + "related": [ + { + "dest-uuid": "d9db3d46-66ca-44b4-9daa-1ef97cb7465a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "revoked-by" + } + ], "uuid": "a21a6a79-f9a1-4c87-aed9-ba2d79536881", "value": "Stolen Developer Credentials or Signing Keys - MOB-T1044" }, @@ -1204,6 +1312,15 @@ "https://www.nowsecure.com/blog/2015/06/15/a-pattern-for-remote-code-execution-using-arbitrary-file-writes-and-multidex-applications/" ] }, + "related": [ + { + "dest-uuid": "0d95940f-9583-4e0f-824c-a42c1be47fad", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "revoked-by" + } + ], "uuid": "11bd699b-f2c2-4e48-bf46-fb3f8acd9799", "value": "Insecure Third-Party Libraries - MOB-T1028" }, @@ -1309,6 +1426,15 @@ "http://www.vvdveen.com/publications/BAndroid.pdf" ] }, + "related": [ + { + "dest-uuid": "d9db3d46-66ca-44b4-9daa-1ef97cb7465a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "revoked-by" + } + ], "uuid": "831e3269-da49-48ac-94dc-948008e8fd16", "value": "Remotely Install Application - MOB-T1046" }, @@ -1531,9 +1657,18 @@ "http://researchcenter.paloaltonetworks.com/2015/09/novel-malware-xcodeghost-modifies-xcode-infects-apple-ios-apps-and-hits-app-store/" ] }, + "related": [ + { + "dest-uuid": "0d95940f-9583-4e0f-824c-a42c1be47fad", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "revoked-by" + } + ], "uuid": "b928b94a-4966-4e2a-9e61-36505b896ebc", "value": "Malicious Software Development Tools - MOB-T1065" } ], - "version": 3 -} + "version": 4 +} \ No newline at end of file diff --git a/clusters/mitre-mobile-attack-course-of-action.json b/clusters/mitre-mobile-attack-course-of-action.json index acccfb5..3613623 100644 --- a/clusters/mitre-mobile-attack-course-of-action.json +++ b/clusters/mitre-mobile-attack-course-of-action.json @@ -38,6 +38,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "mitigates" + }, + { + "dest-uuid": "52651225-0b3a-482d-aa7e-10618fd063b5", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "mitigates" } ], "uuid": "e829ee51-1caf-4665-ba15-7f8979634124", @@ -72,6 +79,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "mitigates" + }, + { + "dest-uuid": "2204c371-6100-4ae0-82f3-25c07c29772a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "mitigates" } ], "uuid": "0beabf44-e8d8-4ae4-9122-ef56369a2564", @@ -89,6 +103,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "mitigates" + }, + { + "dest-uuid": "3b0b604f-10db-41a0-b54c-493124d455b9", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "mitigates" } ], "uuid": "bcecd036-f40e-4916-9f8e-fd0ccf0ece8d", @@ -106,6 +127,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "mitigates" + }, + { + "dest-uuid": "667e5707-3843-4da8-bd34-88b922526f0d", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "mitigates" } ], "uuid": "8ccd428d-39da-4e8f-a55b-d48ea1d56e58", @@ -191,6 +219,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "mitigates" + }, + { + "dest-uuid": "79eec66a-9bd0-4a3f-ac82-19159e94bd44", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "mitigates" } ], "uuid": "1553b156-6767-47f7-9eb4-2a692505666d", @@ -208,6 +243,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "mitigates" + }, + { + "dest-uuid": "6f86d346-f092-4abc-80df-8558a90c426a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "mitigates" } ], "uuid": "653492e3-27be-4a0e-b08c-938dd2b7e0e1", @@ -225,6 +267,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "mitigates" + }, + { + "dest-uuid": "53263a67-075e-48fa-974b-91c5b5445db7", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "mitigates" } ], "uuid": "649f7268-4c12-483b-ac84-4b7bca9fe2ee", @@ -242,11 +291,18 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "mitigates" + }, + { + "dest-uuid": "a5de0540-73e7-4c67-96da-4143afedc7ed", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "mitigates" } ], "uuid": "8220b57e-c400-4525-bf69-f8edc6b389a8", "value": "Encrypt Network Traffic - MOB-M1009" } ], - "version": 4 -} + "version": 5 +} \ No newline at end of file diff --git a/clusters/mitre-mobile-attack-malware.json b/clusters/mitre-mobile-attack-malware.json index d78f394..49d5c8f 100644 --- a/clusters/mitre-mobile-attack-malware.json +++ b/clusters/mitre-mobile-attack-malware.json @@ -35,6 +35,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "4e6620ac-c30c-4f6d-918e-fa20cae7c1ce", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "a3dad2be-ce62-4440-953b-00fbce7aba93", @@ -113,6 +120,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "9d7c32f4-ab39-49dc-8055-8106bc2294a1", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "3bc1f0ad-ef11-4afc-83c0-fcffe08d4e50", @@ -138,6 +152,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "d13fa042-8f26-44e1-a2a8-af0bf8e2ac9a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "e13d084c-382f-40fd-aa9a-98d69e20301e", @@ -172,6 +193,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "351c0927-2fc1-4a2c-ad84-cbbee7eb8172", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "c80a6bef-b3ce-44d0-b113-946e93124898", @@ -221,6 +249,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "e8b4e1ec-8e3b-484c-9038-4459b1ed8060", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "f6ac21b6-2592-400c-8472-10d0e2f1bfaf", @@ -260,6 +295,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "351c0927-2fc1-4a2c-ad84-cbbee7eb8172", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "33d9d91d-aad9-49d5-a516-220ce101ac8a", @@ -315,6 +357,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "76c12fc8-a4eb-45d6-a3b7-e371a7248f69", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "c8770c81-c29f-40d2-a140-38544206b2b4", @@ -394,6 +443,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "53263a67-075e-48fa-974b-91c5b5445db7", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "5ddf81ea-2c06-497b-8c30-5f1ab89a40f9", @@ -498,6 +554,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "6683aa0c-d98a-4f5b-ac57-ca7e9934a760", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "05c4f87c-be8f-46ea-8d9a-2a0aad8f52c1", @@ -646,6 +709,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "99e6295e-741b-4857-b6e5-64989eb039b4", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "56660521-6db4-4e5a-a927-464f22954b7c", @@ -718,6 +788,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "53263a67-075e-48fa-974b-91c5b5445db7", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "d05f7357-4cbe-47ea-bf83-b8604226d533", @@ -742,6 +819,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "8f0e39c6-82c9-41ec-9f93-5696c0f2e274", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "c709da93-20c3-4d17-ab68-48cba76b2137", @@ -766,6 +850,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "53263a67-075e-48fa-974b-91c5b5445db7", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "b6d3657a-2d6a-400f-8b7e-4d60391aa1f7", @@ -790,6 +881,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "6c49d50f-494d-4150-b774-a655022d20a6", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "3c3b55a6-c3e9-4043-8aae-283fe96220c0", @@ -814,6 +912,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "99e6295e-741b-4857-b6e5-64989eb039b4", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "20dbaf05-59b8-4dc6-8777-0b17f4553a23", @@ -838,6 +943,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "b3c2e5de-0941-4b57-ba61-af029eb5517a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "363bc05d-13cb-4e98-a5b7-e250f2bbdc2b", @@ -869,6 +981,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "99e6295e-741b-4857-b6e5-64989eb039b4", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "d1c600f8-0fb6-4367-921b-85b71947d950", @@ -892,6 +1011,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "53263a67-075e-48fa-974b-91c5b5445db7", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "a15c9357-2be0-4836-beec-594f28b9b4a9", @@ -932,6 +1058,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "d9db3d46-66ca-44b4-9daa-1ef97cb7465a", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "93799a9d-3537-43d8-b6f4-17215de1657c", @@ -957,11 +1090,18 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "0d95940f-9583-4e0f-824c-a42c1be47fad", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "d9e07aea-baad-4b68-bdca-90c77647d7f9", "value": "XcodeGhost - MOB-S0013" } ], - "version": 6 -} + "version": 7 +} \ No newline at end of file diff --git a/clusters/mitre-pre-attack-attack-pattern.json b/clusters/mitre-pre-attack-attack-pattern.json index f293b24..b17de7d 100644 --- a/clusters/mitre-pre-attack-attack-pattern.json +++ b/clusters/mitre-pre-attack-attack-pattern.json @@ -534,6 +534,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "related-to" + }, + { + "dest-uuid": "7baccb84-356c-4e89-8c5d-58e701f033fc", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "related-to" } ], "uuid": "96eb59d1-6c46-44bb-bfcd-56be02a00d41", @@ -664,6 +671,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "related-to" + }, + { + "dest-uuid": "59369f72-3005-4e54-9095-3d00efcece73", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "related-to" } ], "uuid": "78e41091-d10d-4001-b202-89612892b6ff", @@ -1422,6 +1436,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "related-to" + }, + { + "dest-uuid": "74a3288e-eee9-4f8e-973a-fbc128e033f1", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "related-to" } ], "uuid": "a757670d-d600-48d9-8ae9-601d42c184a5", @@ -2290,6 +2311,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "related-to" + }, + { + "dest-uuid": "784ff1bc-1483-41fe-a172-4cd9ae25c06b", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "related-to" } ], "uuid": "2b9a666e-bd59-4f67-9031-ed41b428e04a", @@ -2355,6 +2383,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "related-to" + }, + { + "dest-uuid": "7baccb84-356c-4e89-8c5d-58e701f033fc", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "related-to" } ], "uuid": "092f05e3-f7c0-4cd2-91be-3a8d6ed3cadc", @@ -2653,6 +2688,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "related-to" + }, + { + "dest-uuid": "a757670d-d600-48d9-8ae9-601d42c184a5", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "related-to" } ], "uuid": "af358cad-eb71-4e91-a752-236edc237dae", @@ -2743,5 +2785,5 @@ "value": "Data Hiding - PRE-T1097" } ], - "version": 4 -} + "version": 5 +} \ No newline at end of file diff --git a/clusters/mitre-pre-attack-intrusion-set.json b/clusters/mitre-pre-attack-intrusion-set.json index 94ed408..175019f 100644 --- a/clusters/mitre-pre-attack-intrusion-set.json +++ b/clusters/mitre-pre-attack-intrusion-set.json @@ -76,6 +76,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "6aac77c4-eaf2-4366-8c13-ce50ab951f38", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "bef4c620-0787-42a8-a96d-b7eb6e85917c", @@ -208,6 +215,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "ad4f146f-e3ec-444a-ba71-24bffd7f0f8e", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "c47f937f-1022-4f42-8525-e7a4779a14cb", @@ -242,6 +256,13 @@ "estimative-language:likelihood-probability=\"almost-certain\"" ], "type": "uses" + }, + { + "dest-uuid": "0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22", + "tags": [ + "estimative-language:likelihood-probability=\"almost-certain\"" + ], + "type": "uses" } ], "uuid": "6a2e693f-24e5-451a-9f88-b36a108e5662", @@ -334,5 +355,5 @@ "value": "APT17 - G0025" } ], - "version": 6 -} + "version": 7 +} \ No newline at end of file diff --git a/clusters/mitre-tool.json b/clusters/mitre-tool.json index 544d558..45b2f23 100644 --- a/clusters/mitre-tool.json +++ b/clusters/mitre-tool.json @@ -2608,5 +2608,5 @@ "value": "Xbot - S0298" } ], - "version": 10 -} + "version": 11 +} \ No newline at end of file