OfffensivePenetration Testing

MITRE ATT&CK® Released Updates in Oct 2021 With Additional Techniques and Structuring

MITRE ATT&CK® is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.

With the creation of ATT&CK, MITRE is fulfilling its mission to solve problems for a safer world — by bringing communities together to develop more effective cybersecurity. ATT&CK is open and available to any person or organization for use at no charge.

MITRE ATT&CK® Released The October 2021 (v10) ATT&CK updates Techniques, Groups, and Software for Enterprise, Mobile, and ICS. The biggest change is the addition of a new set of Data Source and Data Component objects in Enterprise ATT&CK, complementing the ATT&CK Data Source name changes released in ATT&CK v9. An accompanying blog post describes these changes as well as improvements across ATT&CK’s various domains and platforms.” As stated by MITRE.

In this release, MITRE has renamed T1185 and T1557 to be more inclusive, and deprecated T1053.004 to better reflect adversary behavior.

This version of ATT&CK for Enterprise contains 14 Tactics, 188 Techniques, 379 Sub-techniques, 129 Groups, and 637 Pieces of Software.

Techniques

Enterprise

New Techniques:

Technique changes:

Minor Technique changes:

Technique revocations: No changes

Technique deprecations:

Mobile

New Techniques:

Technique changes:

Minor Technique changes: No changes

Technique revocations: No changes

Technique deprecations: No changes

Software

Enterprise

New Software:

Software changes:

Minor Software changes:

Software revocations: No changes

Software deprecations: No changes

Mobile

New Software:

Software changes:

Minor Software changes: No changes

Software revocations: No changes

Software deprecations: No changes

Groups

Enterprise

New Groups:

Group changes:

Minor Group changes:

Group revocations:

  • Stolen Pencil (revoked by Kimsuky)

Group deprecations:

Mobile

New Groups: No changes

Group changes:

Minor Group changes: No changes

Group revocations: No changes

Group deprecations: No changes

Mitigations

Enterprise

New Mitigations:

Mitigation changes: No changes

Minor Mitigation changes: No changes

Mitigation revocations: No changes

Mitigation deprecations: No changes

Mobile

New Mitigations: No changes

Mitigation changes: No changes

Minor Mitigation changes: No changes

Mitigation revocations: No changes

Mitigation deprecations: No changes

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.