2017 Archive
CAPEC List Version 2.11 Now Available
August 4, 2017 | Share this article
CAPEC Version 2.11 has been posted on the CAPEC List page. A detailed report is available that lists specific changes between Version 2.10 and Version 2.11.
Major changes for Version 2.11 include adding three new attack patterns: CAPEC-630: TypoSquatting, CAPEC-631: SoundSquatting, and CAPEC-632: Homograph Attack via Homoglyphs. Also, the social engineering part of the tree was enhanced to improve relationships, patterns were updated to bring consistency to fields like Required Resources, and missing information was added throughout. In all, 138 patterns and categories were modified, and 5 patterns were deprecated. There were no schema updates.
There are now 512 total attack patterns listed.
Changes for the new version release include the following:
- New Attack Patterns Added:
|
3 |
- Existing Attack Patterns Updated:
|
138 |
- Attack Patterns Deprecated:
|
5 |
- Existing Categories Updated:
|
25 |
- CAPEC-to-CWE Mapping Added:
|
3 |
- CAPEC-to-CWE Mapping Removed:
|
7 |
See the complete list of changes at https://capec.mitre.org/data/reports/diff_reports/v2.10_v2.11.html.
Comments are welcome on the CAPEC Research Email Discussion List. Future updates will be noted here and on the CAPEC Research list.
CAPEC List Version 2.10 Now Available
May 1, 2017 | Share this article
CAPEC Version 2.10 has been posted on the CAPEC List page. A detailed report is available that lists specific changes between Version 2.9 and Version 2.10.
Major changes for Version 2.10 include adding fourteen new attack patterns: CAPEC-559: Orbital Jamming, CAPEC-582: Route Disabling, CAPEC-583: Disabling Network Hardware, CAPEC-584: BGP Route Disabling, CAPEC-585: DNS Domain Seizure, CAPEC-586: Object Injection, CAPEC-587: Cross Frame Scripting (XFS), CAPEC-588: DOM-Based XSS, CAPEC-589: DNS Blocking, CAPEC-590: IP Address Blocking, CAPEC-591: Reflected XSS, CAPEC-592: Stored XSS, CAPEC-593: Session Hijacking, and CAPEC-599: Terrestrial Jamming. Also, the cross-site scripting and obstruction areas were cleaned-up, and missing information was added throughout. In all, 90 patterns and categories were modified, and 7 patterns were deprecated. Other major changes include the addition of a CSV version of the CAPEC List, and an enhancement for navigating the list on the CAPEC website so that your chosen presentation filter is now saved in a cookie so the filter does not have to be continuously updated while you navigate the CAPEC List. There were no schema updates.
There are now 510 total attack patterns listed.
Changes for the new version release include the following:
- New Attack Patterns Added:
|
14 |
- Existing Attack Patterns Updated:
|
88 |
- Attack Patterns Deprecated:
|
7 |
- Existing Categories Updated:
|
3 |
- CAPEC-to-CWE Mapping Removed:
|
118 |
See the complete list of changes at https://capec.mitre.org/data/reports/diff_reports/v2.9_v2.10.html.
Comments are welcome on the CAPEC Research Email Discussion List. Future updates will be noted here and on the CAPEC Research list.
CAPEC Privacy Policy Updated
April 28, 2017 | Share this article
The CAPEC Privacy Policy was updated to notify users that cookies are now being used on the CAPEC website for the sole purpose of saving presentation filter selections so users do not have to continuously update the filter to navigate the CAPEC List.
CAPEC Is Main Topic of Article on IBM’s Security Intelligence Blog
March 27, 2017 | Share this article
CAPEC is the main topic of a March 27, 2017 article by Scott Craig entitled “CAPEC: Making Heads or Tails of Attack Patterns” on IBM’s Security Intelligence blog.
In the article, the author first explains what CAPEC is and the problem it solves, then states: “For the 2017 IBM X-Force Threat Intelligence Index, the X-Force team grouped methods of attack observed in 2016 according to the CAPEC standard. IBM X-Force Threat Research adopted the CAPEC standard for attack categorization because it was developed using methodologies similar to those used in other well-established naming conventions for security terms, such as Common Vulnerabilities and Exposure (CVE). Many IT security professionals are already aware of the CVE dictionary of common names for publicly known cybersecurity vulnerabilities.”
The author then provides an in-depth discussion of CAPEC including a section on the CAPEC hierarchy, explaining in detail what it is and how it benefits analysts: “Using CAPEC instead of other naming conventions should help analysts better recognize which attack patterns they most often see and then prioritize improvements to their security. Just knowing there have been a lot of distributed denial-of-service (DDoS) attacks, for example, doesn’t indicate how to best defend against them because this type of incident can occur as a consequence of different attack patterns.” The author also provides an overview of how CAPEC can help provide clarity in differentiating between consequences, device types, and attack vectors, and provides a real-world example of how this is utilized in the 2017 IBM X-Force Threat Intelligence Index.
The author concludes the article with a call for continued adoption of CAPEC, stating: “I expect to see more and more cybersecurity professionals adopting CAPEC for classifying and communicating about attacks in the near future.”
Read the complete article at https://securityintelligence.com/capec-making-heads-or-tails-of-attack-patterns/.
CAPEC List Version 2.9 Now Available
January 10, 2017 | Share this article
CAPEC Version 2.9 has been posted on the CAPEC List page. A detailed report is available that lists specific changes between Version 2.8 and Version 2.9.
Major changes for Version 2.9 include adding five new attack patterns: CAPEC-594: Traffic Injection, CAPEC-595: Connection Reset, CAPEC-596: TCP RST Injection, CAPEC-597: Absolute Path Traversal, and CAPEC-598: DNS Spoofing. Also, the Mechanisms of Attack view was cleaned-up by removing categories that were not mechanisms (but rather more like goals), removing circular relationships, and verifying consistency in the meta->standard->detailed relationship structure. In all, 78 patterns and categories were modified, and 13 patterns and categories were deprecated. There were no schema updates.
There are now 503 total attack patterns listed.
Changes for the new version release include the following:
- New Attack Patterns Added:
|
5 |
- Existing Attack Patterns Updated:
|
67 |
- Attack Patterns Deprecated:
|
6 |
- Existing Categories Updated:
|
15 |
|
|
7 |
- CAPEC-to-CWE Mapping Added:
|
3 |
- CAPEC-to-CWE Mapping Removed:
|
3 |
See the complete list of changes at https://capec.mitre.org/data/reports/diff_reports/v2.8_v2.9.html.
Comments are welcome on the CAPEC Research Email Discussion List. Future updates will be noted here and on the CAPEC Research list.
CAPEC Refreshes Website with Easier-to-Use Navigation Menus & Streamlined CAPEC List Page
January 09, 2017 | Share this article
We have updated the CAPEC website to streamline site navigation for an improved user experience. The main navigation menu is now located in an easy-to-access menu bar at the top of every page, with Section Contents menus for each section of the website just below the new main menu.
The main CAPEC List page has also been streamlined for ease-of-use into four main sections:
Navigate CAPEC – Offers two hierarchical representations, Mechanisms of Attack and Domains of Attack, to help you navigate the entire list according to your specific point of view.
External Mappings – Offers views used to represent mappings to external groupings such as a Top-N list, as well as to express subsets of entries that are related by some external factor.
Helpful Views – Offers additional helpful views based on a specific criteria and hope to provide insight for a certain domain or use case, such as a Comprehensive CAPEC Dictionary, Mobile Device Patterns, etc.
Release Downloads – Provides an archive of previous release versions of the core content downloads, schemas, schema documentation, and difference reports.
Please send any comments or concerns to capec@mitre.org.
More information is available — Please select a different filter.
|
