Threats Consequences Barriers

Threats Library

Reusable threat definitions (causes on the left side of bow-tie diagrams).

Add Threat

Tags: clear tags
Clear all
658 threats — page 12 of 14
Name Category Tags Description
Event Triggered Execution: AppCert DLLs Privilege Escalation
mitre-attack T1546.009
Adversaries may establish persistence and/or elevate privileges by executing malicious content trigg… Edit
Event Triggered Execution: AppInit DLLs Privilege Escalation
mitre-attack T1546.010
Adversaries may establish persistence and/or elevate privileges by executing malicious content trigg… Edit
Event Triggered Execution: Application Shimming Privilege Escalation
mitre-attack T1546.011
Adversaries may establish persistence and/or elevate privileges by executing malicious content trigg… Edit
Event Triggered Execution: Change Default File Association Privilege Escalation
mitre-attack T1546.001
Adversaries may establish persistence by executing malicious content triggered by a file type associ… Edit
Event Triggered Execution: Component Object Model Hijacking Privilege Escalation
mitre-attack T1546.015
Adversaries may establish persistence by executing malicious content triggered by hijacked reference… Edit
Event Triggered Execution: Emond Privilege Escalation
mitre-attack T1546.014
Adversaries may gain persistence and elevate privileges by executing malicious content triggered by … Edit
Event Triggered Execution: Image File Execution Options Injection Privilege Escalation
mitre-attack T1546.012
Adversaries may establish persistence and/or elevate privileges by executing malicious content trigg… Edit
Event Triggered Execution: Installer Packages Privilege Escalation
mitre-attack T1546.016
Adversaries may establish persistence and elevate privileges by using an installer to trigger the ex… Edit
Event Triggered Execution: LC_LOAD_DYLIB Addition Privilege Escalation
mitre-attack T1546.006
Adversaries may establish persistence by executing malicious content triggered by the execution of t… Edit
Event Triggered Execution: Netsh Helper DLL Privilege Escalation
mitre-attack T1546.007
Adversaries may establish persistence by executing malicious content triggered by Netsh Helper DLLs.… Edit
Event Triggered Execution: PowerShell Profile Privilege Escalation
mitre-attack T1546.013
Adversaries may gain persistence and elevate privileges by executing malicious content triggered by … Edit
Event Triggered Execution: Screensaver Privilege Escalation
mitre-attack T1546.002
Adversaries may establish persistence by executing malicious content triggered by user inactivity. S… Edit
Event Triggered Execution: Trap Privilege Escalation
mitre-attack T1546.005
Adversaries may establish persistence by executing malicious content triggered by an interrupt signa… Edit
Event Triggered Execution: Unix Shell Configuration Modification Privilege Escalation
mitre-attack T1546.004
Adversaries may establish persistence through executing malicious commands triggered by a user’s she… Edit
Event Triggered Execution: Windows Management Instrumentation Event Subscription Privilege Escalation
mitre-attack T1546.003
Adversaries may establish persistence and elevate privileges by executing malicious content triggere… Edit
Exploitation for Privilege Escalation Privilege Escalation
mitre-attack T1068
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges. Exploitation o… Edit
Active Scanning Reconnaissance
mitre-attack T1595
Adversaries may execute active reconnaissance scans to gather information that can be used during ta… Edit
Active Scanning: Scanning IP Blocks Reconnaissance
mitre-attack T1595.001
Adversaries may scan victim IP blocks to gather information that can be used during targeting. Publi… Edit
Active Scanning: Vulnerability Scanning Reconnaissance
mitre-attack T1595.002
Adversaries may scan victims for vulnerabilities that can be used during targeting. Vulnerability sc… Edit
Active Scanning: Wordlist Scanning Reconnaissance
mitre-attack T1595.003
Adversaries may iteratively probe infrastructure using brute-forcing and crawling techniques. While … Edit
Gather Victim Host Information Reconnaissance
mitre-attack T1592
Adversaries may gather information about the victim's hosts that can be used during targeting. Infor… Edit
Gather Victim Host Information: Client Configurations Reconnaissance
mitre-attack T1592.004
Adversaries may gather information about the victim's client configurations that can be used during … Edit
Gather Victim Host Information: Firmware Reconnaissance
mitre-attack T1592.003
Adversaries may gather information about the victim's host firmware that can be used during targetin… Edit
Gather Victim Host Information: Hardware Reconnaissance
mitre-attack T1592.001
Adversaries may gather information about the victim's host hardware that can be used during targetin… Edit
Gather Victim Host Information: Software Reconnaissance
mitre-attack T1592.002
Adversaries may gather information about the victim's host software that can be used during targetin… Edit
Gather Victim Identity Information Reconnaissance
mitre-attack T1589
Adversaries may gather information about the victim's identity that can be used during targeting. In… Edit
Gather Victim Identity Information: Credentials Reconnaissance
mitre-attack T1589.001
Adversaries may gather credentials that can be used during targeting. Account credentials gathered b… Edit
Gather Victim Identity Information: Email Addresses Reconnaissance
mitre-attack T1589.002
Adversaries may gather email addresses that can be used during targeting. Even if internal instances… Edit
Gather Victim Identity Information: Employee Names Reconnaissance
mitre-attack T1589.003
Adversaries may gather employee names that can be used during targeting. Employee names be used to d… Edit
Gather Victim Network Information Reconnaissance
mitre-attack T1590
Adversaries may gather information about the victim's networks that can be used during targeting. In… Edit
Gather Victim Network Information: DNS Reconnaissance
mitre-attack T1590.002
Adversaries may gather information about the victim's DNS that can be used during targeting. DNS inf… Edit
Gather Victim Network Information: Domain Properties Reconnaissance
mitre-attack T1590.001
Adversaries may gather information about the victim's network domain(s) that can be used during targ… Edit
Gather Victim Network Information: IP Addresses Reconnaissance
mitre-attack T1590.005
Adversaries may gather the victim's IP addresses that can be used during targeting. Public IP addres… Edit
Gather Victim Network Information: Network Security Appliances Reconnaissance
mitre-attack T1590.006
Adversaries may gather information about the victim's network security appliances that can be used d… Edit
Gather Victim Network Information: Network Topology Reconnaissance
mitre-attack T1590.004
Adversaries may gather information about the victim's network topology that can be used during targe… Edit
Gather Victim Network Information: Network Trust Dependencies Reconnaissance
mitre-attack T1590.003
Adversaries may gather information about the victim's network trust dependencies that can be used du… Edit
Gather Victim Org Information Reconnaissance
mitre-attack T1591
Adversaries may gather information about the victim's organization that can be used during targeting… Edit
Gather Victim Org Information: Business Relationships Reconnaissance
mitre-attack T1591.002
Adversaries may gather information about the victim's business relationships that can be used during… Edit
Gather Victim Org Information: Determine Physical Locations Reconnaissance
mitre-attack T1591.001
Adversaries may gather the victim's physical location(s) that can be used during targeting. Informat… Edit
Gather Victim Org Information: Identify Business Tempo Reconnaissance
mitre-attack T1591.003
Adversaries may gather information about the victim's business tempo that can be used during targeti… Edit
Gather Victim Org Information: Identify Roles Reconnaissance
mitre-attack T1591.004
Adversaries may gather information about identities and roles within the victim organization that ca… Edit
Phishing for Information Reconnaissance
mitre-attack T1598
Adversaries may send phishing messages to elicit sensitive information that can be used during targe… Edit
Phishing for Information: Spearphishing Attachment Reconnaissance
mitre-attack T1598.002
Adversaries may send spearphishing messages with a malicious attachment to elicit sensitive informat… Edit
Phishing for Information: Spearphishing Link Reconnaissance
mitre-attack T1598.003
Adversaries may send spearphishing messages with a malicious link to elicit sensitive information th… Edit
Phishing for Information: Spearphishing Service Reconnaissance
mitre-attack T1598.001
Adversaries may send spearphishing messages via third-party services to elicit sensitive information… Edit
Phishing for Information: Spearphishing Voice Reconnaissance
mitre-attack T1598.004
Adversaries may use voice communications to elicit sensitive information that can be used during tar… Edit
Search Closed Sources Reconnaissance
mitre-attack T1597
Adversaries may search and gather information about victims from closed (e.g., paid, private, or oth… Edit
Search Closed Sources: Purchase Technical Data Reconnaissance
mitre-attack T1597.002
Adversaries may purchase technical information about victims that can be used during targeting. Info… Edit
Search Closed Sources: Threat Intel Vendors Reconnaissance
mitre-attack T1597.001
Adversaries may search private data from threat intelligence vendors for information that can be use… Edit
Search Open Technical Databases Reconnaissance
mitre-attack T1596
Adversaries may search freely available technical databases for information about victims that can b… Edit
← Prev 1 10 11 12 13 14 Next →

658 total