mobile-threat-catalogue
mobile-threat-catalogue copied to clipboard
usnistgov
NIST/NCCoE Mobile Threat Catalogue
provide information on OS updates that have countermeasures for the threats listed.
replace the following links: -[^19]: https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.16.2068&rep=rep1&type=pdf -[^20]: https://www.lookout.com/blog/spoofed-wifi-60-minutes -[^37]: https://people.inf.ethz.ch/hvogt/proj/btmp3/Datasheets/Bluetooth_11_Specifications_Book.pdf -[^38]: https://www.bluetooth.com/bluetooth-resources/le-security-study-guide/ new -[^52]: https://www.nbcnewyork.com/investigations/sim-swapping-how-the-latest-cellphone-hacking-scam-works-and-how-to-protect-yourself/3686051/ -[^61]: https://docs.broadcom.com/doc/sans-mobile-threat-protection-a-holistic-approach -[^63]: https://web.cse.ohio-state.edu/~lin.3021/file/NDSS14b.pdf -[^65]: https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=442543 -[^69]: delete -[^70]: https://kipdf.com/stumping-the-mobile-chipset_5afc4b768ead0ed8128b4574.html -[^80]: https://wiki.sei.cmu.edu/confluence/pages/viewpage.action?pageId=87150717 -[^82]: https://www.fortiguard.com/psirt_policy -[^88]:...
Resolves #326 Resolves #331 Resolves #336 Resolves #337 Resolves #350
General Comment ------------------------------------------ **Threat ID**: APP-14: Masquerade as Legitimate Application and APP 31: Masquerading as a Legitimate Application are the same threat. **Proposed Change**: Combine the two threats
STA-37 Add Exploit Example, CVE Example and Countermeasures. - T **Exploit Example**: - Implementing Practical Electrical Glitching Attacks **CVE Example**: - CVE-2020-35553 **Possible Countermeasures**: Mobile App Developer The rigid use...