diff --git a/MANIFEST.json b/MANIFEST.json
index df752c8..52012b0 100644
--- a/MANIFEST.json
+++ b/MANIFEST.json
@@ -573,6 +573,11 @@
 "name": "smart-airports-threats",
 "version": 1
 },
+ {
+ "description": "Attack vectors used in social engineering as described in 'A Taxonomy of Social Engineering Defense Mechanisms' by Dalal Alharthi and others.",
+ "name": "social-engineering-attack-vectors",
+ "version": 1
+ },
 {
 "description": "A spectrum of state responsibility to more directly tie the goals of attribution to the needs of policymakers.",
 "name": "state-responsibility",
@@ -660,5 +665,5 @@
 }
 ],
 "url": "https://raw.githubusercontent.com/MISP/misp-taxonomies/main/",
- "version": "20220129"
+ "version": "20220210"
 }
diff --git a/README.md b/README.md
index 147ad48..d48452d 100644
--- a/README.md
+++ b/README.md
@@ -560,7 +560,7 @@ Status of events used in Request Tracker. [Overview](https://www.misp-project.or
 ### runtime-packer
 
 [runtime-packer](https://github.com/MISP/misp-taxonomies/tree/main/runtime-packer) :
-Runtime or software packer used to combine compressed data with the decompression code. The decompression code can add additional obfuscations mechanisms including polymorphic-packer or other obfuscation techniques. This taxonomy lists all the known or official packer used for legitimate use or for packing malicious binaries. [Overview](https://www.misp-project.org/taxonomies.html#_runtime_packer)
+Runtime or software packer used to combine compressed or encrypted data with the decompression or decryption code. This code can add additional obfuscations mechanisms including polymorphic-packer or other obfuscation techniques. This taxonomy lists all the known or official packer used for legitimate use or for packing malicious binaries. [Overview](https://www.misp-project.org/taxonomies.html#_runtime_packer)
 
 ### scrippsco2-fgc
 
@@ -582,6 +582,11 @@ Sampling stations of the Scripps CO2 Program [Overview](https://www.misp-project
 [smart-airports-threats](https://github.com/MISP/misp-taxonomies/tree/main/smart-airports-threats) :
 Threat taxonomy in the scope of securing smart airports by ENISA. https://www.enisa.europa.eu/publications/securing-smart-airports [Overview](https://www.misp-project.org/taxonomies.html#_smart_airports_threats)
 
+### social-engineering-attack-vectors
+
+[social-engineering-attack-vectors](https://github.com/MISP/misp-taxonomies/tree/main/social-engineering-attack-vectors) :
+Attack vectors used in social engineering as described in 'A Taxonomy of Social Engineering Defense Mechanisms' by Dalal Alharthi and others. [Overview](https://www.misp-project.org/taxonomies.html#_social_engineering_attack_vectors)
+
 ### state-responsibility
 
 [state-responsibility](https://github.com/MISP/misp-taxonomies/tree/main/state-responsibility) :
@@ -667,6 +672,11 @@ Ce vocabulaire attribue des valeurs en pourcentage à certains énoncés de prob
 [workflow](https://github.com/MISP/misp-taxonomies/tree/main/workflow) :
 Workflow support language is a common language to support intelligence analysts to perform their analysis on data and information. [Overview](https://www.misp-project.org/taxonomies.html#_workflow)
 
+### workflow
+
+[workflow](https://github.com/MISP/misp-taxonomies/tree/main/workflow) :
+Workflow support language is a common language to support intelligence analysts to perform their analysis on data and information. [Overview](https://www.misp-project.org/taxonomies.html#_workflow)
+
 # Reserved Taxonomy
 
 The following taxonomy namespaces are reserved and used internally to MISP.
diff --git a/social-engineering-attack-vectors/machinetag.json b/social-engineering-attack-vectors/machinetag.json
new file mode 100644
index 0000000..8499a10
--- /dev/null
+++ b/social-engineering-attack-vectors/machinetag.json
@@ -0,0 +1,104 @@
+{
+ "version": 1,
+ "description": "Attack vectors used in social engineering as described in 'A Taxonomy of Social Engineering Defense Mechanisms' by Dalal Alharthi and others.",
+ "expanded": "Social Engineering Attack Vectors",
+ "namespace": "social-engineering-attack-vectors",
+ "exclusive": false,
+ "predicates": [
+ {
+ "value": "technical",
+ "expanded": "Technical"
+ },
+ {
+ "value": "non-technical",
+ "expanded": "Non-technical"
+ }
+ ],
+ "values": [
+ {
+ "predicate": "technical",
+ "entry": [
+ {
+ "value": "vishing",
+ "expanded": "Vishing"
+ },
+ {
+ "value": "spear-phishing",
+ "expanded": "Spear phishing"
+ },
+ {
+ "value": "interesting-software",
+ "expanded": "Interesting software"
+ },
+ {
+ "value": "baiting",
+ "expanded": "Baiting"
+ },
+ {
+ "value": "waterholing",
+ "expanded": "Waterholing"
+ },
+ {
+ "value": "phishing-and-trojan-email",
+ "expanded": "Phishing and Trojan email"
+ },
+ {
+ "value": "spam-email",
+ "expanded": "Spam Email"
+ },
+ {
+ "value": "popup-window",
+ "expanded": "Popup Window"
+ },
+ {
+ "value": "tailgating",
+ "expanded": "Tailgating"
+ }
+ ]
+ },
+ {
+ "predicate": "non-technical",
+ "entry": [
+ {
+ "value": "pretexting-impersonation",
+ "expanded": "Pretexting/Impersonation"
+ },
+ {
+ "value": "hoaxing",
+ "expanded": "Hoaxing"
+ },
+ {
+ "value": "authoritative-voice",
+ "expanded": "Authoritative voice"
+ },
+ {
+ "value": "technical-expert",
+ "expanded": "Technical expert"
+ },
+ {
+ "value": "smudge-attack",
+ "expanded": "Smudge Attack"
+ },
+ {
+ "value": "dumpser-diving",
+ "expanded": "Dumpster Diving"
+ },
+ {
+ "value": "shoulder-surfing",
+ "expanded": "Shoulder surfing"
+ },
+ {
+ "value": "spying",
+ "expanded": "Spying"
+ },
+ {
+ "value": "support-staff",
+ "expanded": "Support staff"
+ }
+ ]
+ }
+ ],
+ "refs": [
+ "https://www.researchgate.net/publication/339224082_A_Taxonomy_of_Social_Engineering_Defense_Mechanisms"
+ ]
+}
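Review bot: The entry `"value": "dumpser-diving"` in the `non-technical` list is misspelled, while its own `expanded` text reads "Dumpster Diving"; it should be `"value": "dumpster-diving"`. The value is the part that ends up in the machine tag, so the misspelling would be carried by every event tagged with it, and correcting it after release would presumably leave already-applied tags no longer matching the taxonomy. Separately, the `expanded` labels mix title case ("Spam Email", "Popup Window", "Smudge Attack") with sentence case ("Spear phishing", "Shoulder surfing"); one convention throughout would be more consistent.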