Updates April 2021 October 2020 July 2020 March 2020 October 2019 July 2019 April 2019 October 2018 April 2018 January 2018 July 2017 April 2017 January 2017 July 2016
  1. Home
  2. Resources
  3. Updates
  4. January 2018

Updates - January 2018

Version Start Date End Date Data
ATT&CK v1 January 6, 2018 April 12, 2018 v1.0 on MITRE/CTI

Techniques

19 new techniques - Up to 188 from 169:

Three techniques renamed

DLL Injection -> Process Injection Cron -> Local Job Scheduling Local Port Monitor -> Port Monitors

Many techniques updated

Changes include adding new technical description information, detection and mitigation details, references, and adversary use examples. These range from major revisions, like with Process Injection and Access Token Manipulation to add substantially new information in the technical descriptions, to minor revisions, like InstallUtil to add some additional details.

Groups and Software

In addition to the new pages below, we updated many Group and Software pages, including OilRig and Dragonfly. We also added additional Associated Groups in an attempt to track overlapping activity from multiple vendors as a single Group.

Nine new groups:

26 new software entries:

Other Changes

Consolidated platforms parameters - It was becoming cumbersome to track individual OS platform versions and releases. Since many of the techniques described work across most versions of a platform, we decided to consolidate them to down to one tag. Any version requirements will be captured in the technical description and requirements sections of a technique

  • All Windows versions -> Windows
  • MacOS/OS X -> macOS
  • Linux - no change