new: [social-engineering-attack-vectors] new taxonomy describing
technical and non-technical social engineering techniques Ref: A Taxonomy of Social Engineering Defense Mechanisms February 2020 DOI:10.1007/978-3-030-39442-4_3 In book: Advances in Information and Communication (pp.27-41)pull/227/head
parent
19a73ef99b
commit
6da2a75fc4
|
@ -573,6 +573,11 @@
|
|||
"name": "smart-airports-threats",
|
||||
"version": 1
|
||||
},
|
||||
{
|
||||
"description": "Attack vectors used in social engineering as described in 'A Taxonomy of Social Engineering Defense Mechanisms' by Dalal Alharthi and others.",
|
||||
"name": "social-engineering-attack-vectors",
|
||||
"version": 1
|
||||
},
|
||||
{
|
||||
"description": "A spectrum of state responsibility to more directly tie the goals of attribution to the needs of policymakers.",
|
||||
"name": "state-responsibility",
|
||||
|
@ -660,5 +665,5 @@
|
|||
}
|
||||
],
|
||||
"url": "https://raw.githubusercontent.com/MISP/misp-taxonomies/main/",
|
||||
"version": "20220129"
|
||||
"version": "20220210"
|
||||
}
|
||||
|
|
12
README.md
12
README.md
|
@ -560,7 +560,7 @@ Status of events used in Request Tracker. [Overview](https://www.misp-project.or
|
|||
### runtime-packer
|
||||
|
||||
[runtime-packer](https://github.com/MISP/misp-taxonomies/tree/main/runtime-packer) :
|
||||
Runtime or software packer used to combine compressed data with the decompression code. The decompression code can add additional obfuscations mechanisms including polymorphic-packer or other obfuscation techniques. This taxonomy lists all the known or official packer used for legitimate use or for packing malicious binaries. [Overview](https://www.misp-project.org/taxonomies.html#_runtime_packer)
|
||||
Runtime or software packer used to combine compressed or encrypted data with the decompression or decryption code. This code can add additional obfuscations mechanisms including polymorphic-packer or other obfuscation techniques. This taxonomy lists all the known or official packer used for legitimate use or for packing malicious binaries. [Overview](https://www.misp-project.org/taxonomies.html#_runtime_packer)
|
||||
|
||||
### scrippsco2-fgc
|
||||
|
||||
|
@ -582,6 +582,11 @@ Sampling stations of the Scripps CO2 Program [Overview](https://www.misp-project
|
|||
[smart-airports-threats](https://github.com/MISP/misp-taxonomies/tree/main/smart-airports-threats) :
|
||||
Threat taxonomy in the scope of securing smart airports by ENISA. https://www.enisa.europa.eu/publications/securing-smart-airports [Overview](https://www.misp-project.org/taxonomies.html#_smart_airports_threats)
|
||||
|
||||
### social-engineering-attack-vectors
|
||||
|
||||
[social-engineering-attack-vectors](https://github.com/MISP/misp-taxonomies/tree/main/social-engineering-attack-vectors) :
|
||||
Attack vectors used in social engineering as described in 'A Taxonomy of Social Engineering Defense Mechanisms' by Dalal Alharthi and others. [Overview](https://www.misp-project.org/taxonomies.html#_social_engineering_attack_vectors)
|
||||
|
||||
### state-responsibility
|
||||
|
||||
[state-responsibility](https://github.com/MISP/misp-taxonomies/tree/main/state-responsibility) :
|
||||
|
@ -667,6 +672,11 @@ Ce vocabulaire attribue des valeurs en pourcentage à certains énoncés de prob
|
|||
[workflow](https://github.com/MISP/misp-taxonomies/tree/main/workflow) :
|
||||
Workflow support language is a common language to support intelligence analysts to perform their analysis on data and information. [Overview](https://www.misp-project.org/taxonomies.html#_workflow)
|
||||
|
||||
### workflow
|
||||
|
||||
[workflow](https://github.com/MISP/misp-taxonomies/tree/main/workflow) :
|
||||
Workflow support language is a common language to support intelligence analysts to perform their analysis on data and information. [Overview](https://www.misp-project.org/taxonomies.html#_workflow)
|
||||
|
||||
# Reserved Taxonomy
|
||||
|
||||
The following taxonomy namespaces are reserved and used internally to MISP.
|
||||
|
|
|
@ -0,0 +1,104 @@
|
|||
{
|
||||
"version": 1,
|
||||
"description": "Attack vectors used in social engineering as described in 'A Taxonomy of Social Engineering Defense Mechanisms' by Dalal Alharthi and others.",
|
||||
"expanded": "Social Engineering Attack Vectors",
|
||||
"namespace": "social-engineering-attack-vectors",
|
||||
"exclusive": false,
|
||||
"predicates": [
|
||||
{
|
||||
"value": "technical",
|
||||
"expanded": "Technical"
|
||||
},
|
||||
{
|
||||
"value": "non-technical",
|
||||
"expanded": "Non-technical"
|
||||
}
|
||||
],
|
||||
"values": [
|
||||
{
|
||||
"predicate": "technical",
|
||||
"entry": [
|
||||
{
|
||||
"value": "vishing",
|
||||
"expanded": "Vishing"
|
||||
},
|
||||
{
|
||||
"value": "spear-phishing",
|
||||
"expanded": "Spear phishing"
|
||||
},
|
||||
{
|
||||
"value": "interesting-software",
|
||||
"expanded": "Interesting software"
|
||||
},
|
||||
{
|
||||
"value": "baiting",
|
||||
"expanded": "Baiting"
|
||||
},
|
||||
{
|
||||
"value": "waterholing",
|
||||
"expanded": "Waterholing"
|
||||
},
|
||||
{
|
||||
"value": "phishing-and-trojan-email",
|
||||
"expanded": "Phishing and Trojan email"
|
||||
},
|
||||
{
|
||||
"value": "spam-email",
|
||||
"expanded": "Spam Email"
|
||||
},
|
||||
{
|
||||
"value": "popup-window",
|
||||
"expanded": "Popup Window"
|
||||
},
|
||||
{
|
||||
"value": "tailgating",
|
||||
"expanded": "Tailgating"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"predicate": "non-technical",
|
||||
"entry": [
|
||||
{
|
||||
"value": "pretexting-impersonation",
|
||||
"expanded": "Pretexting/Impersonation"
|
||||
},
|
||||
{
|
||||
"value": "hoaxing",
|
||||
"expanded": "Hoaxing"
|
||||
},
|
||||
{
|
||||
"value": "authoritative-voice",
|
||||
"expanded": "Authoritative voice"
|
||||
},
|
||||
{
|
||||
"value": "technical-expert",
|
||||
"expanded": "Technical expert"
|
||||
},
|
||||
{
|
||||
"value": "smudge-attack",
|
||||
"expanded": "Smudge Attack"
|
||||
},
|
||||
{
|
||||
"value": "dumpser-diving",
|
||||
"expanded": "Dumpster Diving"
|
||||
},
|
||||
{
|
||||
"value": "shoulder-surfing",
|
||||
"expanded": "Shoulder surfing"
|
||||
},
|
||||
{
|
||||
"value": "spying",
|
||||
"expanded": "Spying"
|
||||
},
|
||||
{
|
||||
"value": "support-staff",
|
||||
"expanded": "Support staff"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"refs": [
|
||||
"https://www.researchgate.net/publication/339224082_A_Taxonomy_of_Social_Engineering_Defense_Mechanisms"
|
||||
]
|
||||
}
|
Loading…
Reference in New Issue