November 1, 2023 at 08:49AM
MITRE has released version 14 of its ATT&CK knowledge base, which includes improvements in detections, industrial control systems (ICS), and mobile. This version covers 760 pieces of software, 143 activity clusters, and 24 campaigns across enterprise, mobile, and ICS. Notable updates include expanded detection notes and analytics, technique alignments to data sources and mitigations, an expanded enterprise category, and improved asset pages for ICS. The mobile category now includes various types of phishing. Navigation on the ATT&CK website has been enhanced, and more details can be found in MITRE’s blog post and release notes.
Key takeaways:
1. MITRE has released version 14 of ATT&CK, which is a knowledge base of adversary tactics and techniques.
2. ATT&CK v14 includes improvements related to detections, industrial control systems (ICS), and mobile.
3. ATT&CK v14 covers a total of 760 pieces of software, 143 activity clusters, and 24 campaigns across enterprise, mobile, and ICS.
4. The latest version of ATT&CK expands detection notes and analytics, and enhances relationships between detections, data sources, and mitigations.
5. ATT&CK now incorporates social engineering techniques and deceptive practices in the ‘enterprise’ category.
6. In the ICS category, version 14 adds over a dozen assets representing the primary functional components of ICS environments.
7. The ‘mobile’ category in ATT&CK now includes various types of phishing and structured detections.
8. The navigation bar of the ATT&CK website has been updated to feature a single dynamic menu.
9. MITRE has published a blog post, release notes, and a detailed changelog for ATT&CK v14.