mobile-threat-catalogue
mobile-threat-catalogue copied to clipboard
usnistgov
NIST/NCCoE Mobile Threat Catalogue
Entered on behalf of Michael Bartock, NIST. General Comment ------------------------------------------ **Threat ID**: **Type of Comment**: Enter the letter that best describes the nature of your comment - G - General...
## General Comment **Threat ID**: None **Type of Comment**: - G - General **Proposed Change**: Indications of what, if any, proposed countermeasures align with existing standards, such as 800-53 controls...
General Comment ------------------------------------------ **Threat ID**: All **Type of Comment**: G **Proposed Change**: Add newer CVEs. **Justification**: There are no newer CVEs included in the MTC post-2017.
General Comment ------------------------------------------ **Threat ID**: If the comment is specific to a given threat, provide the ID for that threat. Otherwise, leave this blank. **Type of Comment**: T Enter the...
On behalf of Prashanth Thandavamurthy of Arxan Technologies, Inc. ## New Threat **Threat Category**: Application: Vulnerable Application **Threat**: Attacks on mobile health apps and medical devices. **Threat Origin**: None **Exploit...
General Comment ------------------------------------------ **Threat ID**: **Type of Comment**: Enter the letter that best describes the nature of your comment - G - General comments on how information has been presented...
I think it would be very useful to expand the definition of threats using CVSS specification in addition to current categorization. ------------------------------------------ **Threat ID**: **Type of Comment**: G **Proposed Change**:...
## General Comment **Threat ID**: LPN-0 **Type of Comment**: - T - Technical **Proposed Change**: Differentiate between tracking a device by passively listening for SSIDs periodically transmitted by a tracked...
Entered on behalf of Jeffrey Chichonski, NIST. General Comment ------------------------------------------ **Threat ID**: **Type of Comment**: Enter the letter that best describes the nature of your comment - G **Proposed Change**:...
## General Comment **Threat ID**: STA-1 **Type of Comment**: T **Proposed Change**: add to end of title "placing enterprise data at risk" **Justification**: Workshop comment: Make clear that the reason...
