- None
Actions on the Objective: Minor wording changes.
- None
TAC-25 Accessibility Options AbuseTAC-26 ImpersonationTAC-27 Session ManipulationTAC-28 Queue BypassTAC-29 Session TransferTAC-30 Bonus FarmingTAC-31 AI Model TrainingTAC-32 Geo-Location SpoofingTAC-33 Device EmulationTAC-34 Attack Surface IdentificationTAC-35 Fake Credibility GenerationTAC-36 Specific Target ScrapingTAC-37 Loose Target ScrapingTAC-38 Identity AcquisitionTAC-39 Inventory ManipulationTAC-40 Add to CartTAC-41 Account EnumerationTAC-42 Payment Card EnumerationTAC-43 Information Release
TAC-02 Credential Acquisition: Minor wording changes.TAC-03 Infrastructure Acquisition: Minor wording changes.TAC-04 Payment Detail Acquisition: Minor wording changes.TAC-08 Mitigation Bypass->TAC-08 CAPTCHA Bypass: Renamed.TAC-10 Proxying: Major wording changes.TAC-12 Account Creation: Minor wording changes.TAC-15 Stock Purchase->TAC-15 Purchase: Major wording changes. Renamed.TAC-20 Transaction Redirect->TAC-20 Cashout: Major wording changes. Renamed.TAC-21 Exfiltration->TAC-21 Data Extraction: Renamed.
TAC-06 Specific Target: Replaced byTAC-36 Specific Target ScrapingTAC-07 Loose Target: Replaced byTAC-37 Loose Target ScrapingTAC-16 SpinningTAC-17 Sniping
TEQ-081 Accessibility DowngradeTEQ-082 Session PersistenceTEQ-083 Session ReassumptionTEQ-084 Queue FloodingTEQ-085 Queue Position TrackingTEQ-086 Queue JumpingTEQ-087 Queue EvasionTEQ-088 Session SpoofingTEQ-089 Queue Position TransferTEQ-090 Referral Program ExploitationTEQ-091 ClickjackingTEQ-092 Bonus ClippingTEQ-093 LLM Training DataTEQ-094 LAM Training DataTEQ-095 GPS SpoofingTEQ-096 Mobile Network SpoofingTEQ-097 Accept-Language ManipulationTEQ-098 TLS SpoofingTEQ-099 Header SpoofingTEQ-100 Path EnumerationTEQ-101 Endpoint EnumerationTEQ-102 Fake Account CreationTEQ-103 Queue ExhaustionTEQ-104 Queue EntryTEQ-105 Account AgeingTEQ-106 FuzzingTEQ-107 Synthetic Account CreationTEQ-108 Impersonated Account CreationTEQ-109 Inventory ExhaustionTEQ-110 Mass Add to CartTEQ-111 Loyalty Points RedemptionTEQ-112 DeepfakesTEQ-113 Credit/Debit Card CrackingTEQ-114 Gift Card CrackingTEQ-115 Intellectual Property LeakTEQ-116 Inventory Information ExtractionTEQ-117 Credential ExtractionTEQ-118 Payment Detail ExtractionTEQ-119 PII ExtractionTEQ-120 Intellectual Property Extraction
TEQ-002 URL Disguise: Minor wording changes.TEQ-003 Data Dumps: AddedTAC-38 Identity Acquisitionas parent.TEQ-004 Malware->TEQ-004 Infostealer: Major wording changes. Renamed.TEQ-005 Person in the Middle: Minor wording changes.TEQ-008 Botnet: Minor wording changes. RemovedTAC-10 Proxyingas parent.TEQ-011 Supply Chain Compromise->TEQ-011 Trusted Infrastructure: Major wording changes. Renamed.TEQ-015 Continual Content Scraping: RemovedTAC-06 Specific TargetandTAC-07 Loose Targetas parents and replaced withTAC-36 Specific Target ScrapingandTAC-37 Loose Target Scraping.TEQ-018 CAPTCHA Farm: Minor wording changes.TEQ-020 Token Bypass: RemovedTAC-08 Mitigation Bypassas parent and replaced withTAC-27 Session Manipulation.TEQ-021 Cookie Abuse: RemovedTAC-08 Mitigation Bypassas parent and replaced withTAC-27 Session Manipulation.TEQ-022 Accessibility Options Abuse->TEQ-022 Accessibilty Feature Abuse: Minor wording changes. Renamed. RemovedTAC-08 Mitigation Bypass,TAC-09 Human EmulationandTAC-14 Fake Interactionas parents and replaced withTAC-25 Accessibility Option Abuse.TEQ-023 MFA Bypass: RemovedTAC-08 Mitigation Bypassas parent and replaced withTAC-26 Impersonation.TEQ-024 Credential Pinning: RemovedTAC-08 Mitigation Bypassas parent and replaced withTAC-26 Impersonation.TEQ-025 Certificate Abuse: RemovedTAC-08 Mitigation Bypassas parent and replaced withTAC-27 Session Manipulation.TEQ-027 User Agent Spoofing: Minor wording changes. RemovedTAC-09 Human EmulationandTAC-10 Proxyingas parents and replaced withTAC-33 Device Emulation.TEQ-028 Device Fingerprint Emulation->TEQ-028 Device Configuration Emulation: Minor wording changes. Renamed. RemovedTAC-09 Human Emulationas parent and replaced withTAC-33 Device Emulation.TEQ-029 Notification Hijack: RemovedTAC-14 Fake Interactionas parent.TEQ-030 IP Rotation: AddedTAC-32 Geolocation Spoofingas parent.TEQ-033 Smurfing->TEQ-033 Multi-Accounting: Renamed.TEQ-036 Social Media Creation: Major wording changes. RemovedTAC-12 Account Creationas parent and replaced withTAC-38 Identity Acquisition.TEQ-037 Email Generator: RemovedTAC-12 Account Creationas parent and replaced withTAC-38 Identity Acquisition.TEQ-038 Call/SMS Generator: RemovedTAC-12 Account Creationas parent and replaced withTAC-38 Identity Acquisition.TEQ-039 Virtual Wallet Creation: RemovedTAC-12 Account Creationas parent and replaced withTAC-38 Identity Acquisition.TEQ-040 Credential Cracking: Minor wording changes.TEQ-041 Credential Stuffing: AddedTAC-41 Account Enumerationas parent.TEQ-045 Written Interaction->TEQ-045 Content Posting: Minor wording changes. Renamed.TEQ-047 Form Filling->TEQ-047 Form Submission: Major wording changes. Renamed.TEQ-049 Automated Add to Cart: RemovedTAC-15 Stock Purchase,TAC-16 SpinningandTAC-10 Snipingas parents and replaced withTAC-40 Add to Cart.TEQ-050 Automated Purchase: RemovedTAC-16 SpinningandTAC-10 Snipingas parents.TEQ-051 Stock Price Manipulation->TEQ-051 Price Manipulation: Minor wording changes. Renamed.TEQ-053 Inventory Hoarding: Major wording changes. RemovedTAC-16 Spinningas parent and replaced withTAC-39 Inventory Manipulation.TEQ-054 Transfer of Cart: RemovedTAC-16 Spinningas parent and replaced withTAC-29 Session Transfer.TEQ-055 Automated Sale: Major wording changes. RemovedTAC-16 SpinningandTAC-17 Snipingas parents.TEQ-056 Automated Bid: Major wording changes. RemovedTAC-17 Snipingas parent and replaced withTAC-15 Purchase.TEQ-061 Credit/Debit Card Abuse: Minor wording changes.TEQ-062 Gift Card Abuse: Major wording changes.TEQ-063 Loyalty Points Abuse: Minor wording changes.TEQ-061 Buy Now Pay Later Abuse: Major wording changes.TEQ-065 ATS Fraud->TEQ-065 Bank Transfer: Renamed.TEQ-066 Automated Advertisement of Stock->TEQ-066 Inventory Information Release: Minor wording changes. Renamed. RemovedTAC-21 Exfiltrationas parent and replaced withTAC-43 Information ReleaseTEQ-067 Credential Dumping: Major wording changes. RemovedTAC-21 Exfiltrationas parent and replaced withTAC-43 Information ReleaseTEQ-069 Payment Detail Dumping: RemovedTAC-21 Exfiltrationas parent and replaced withTAC-43 Information ReleaseTEQ-070 PII Dumping: RemovedTAC-21 Exfiltrationas parent and replaced withTAC-43 Information ReleaseTEQ-072 Jigging->TEQ-072 Address Manipulation: Minor wording changes. Renamed.TEQ-074 Driver Intercept->TEQ-074 Driver Redirect: Major wording changes. Renamed.TEQ-076 Manual Sale: Major wording changes.TEQ-078 Valid Accounts: Minor wording changes.TEQ-079 Fund Withdrawal->TEQ-079 Account Balance Withdrawal: Renamed.
TEQ-007 Fake Credibility Generation: Replaced byTAC-35 Fake Credibility GenerationTEQ-009 Command & ControlTEQ-017 Technical Reconnaissance: Replaced byTAC-34 Attack Surface IdentificationandTAC-44 Vulnerability IdentificationTEQ-043 Comment Flooding: Merged intoTEQ-045 Content PostingTEQ-048 Overlay AttackTEQ-052 Distributed Stock PurchaseTEQ-057 Pre-Release BuyingTEQ-068 API Information Flow Exfiltration
- None
- Updated all killchains to reflect the new and updated tactics and techniques
- None
- Renamed framework from Business Logic Attack Definition Framework to Business Logic Abuse Definition Framework and updated terminology accordingly. The term attack could imply an immediate need for remediation and force a binary response, such as blocking or not blocking. In cases of business logic abuse, multiple levers could be pulled to assist companies facing these challenges. Customers often need to make a business decision, not just a security decision
- Tactics and techniques in Matrix and Killchain views are now displayed in alphabetical order