Skip to content

Hide Navigation Hide TOC

Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564)

New mobile operating system versions bring not only patches against discovered vulnerabilities but also often bring security architecture improvements that provide resilience against potential vulnerabilities or weaknesses that have not yet been discovered. They may also bring improvements that block use of observed adversary techniques.

Cluster A Galaxy A Cluster B Galaxy B Level
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Execution Guardrails - T1627 (498e7b81-238d-404c-aa5e-332904d63286) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Steal Application Access Token - T1635 (233fe2c0-cb41-4765-b454-e0087597fbce) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Clipboard Data - T1414 (c4b96c0b-cb58-497a-a1c2-bb447d79d692) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Subvert Trust Controls - T1632 (79cb02f4-ac4e-4335-8b51-425c9573cce1) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Data Manipulation - T1641 (c548d8c4-a0a3-4a24-bb79-2a84abbc7b36) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Broadcast Receivers - T1624.001 (3775a580-a1d1-46c4-8147-c614a715f2e9) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Input Capture - T1417 (a8c31121-852b-46bd-9ba4-674ae5afe7ad) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Software Discovery - T1418 (198ce408-1470-45ee-b47f-7056050d4fc2) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Event Triggered Execution - T1624 (d446b9f0-06a9-4a8d-97ee-298cfee84f14) Attack Pattern 1
Code Signing Policy Modification - T1632.001 (fcb11f06-ce0e-490b-bcc1-04a1623579f0) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action File and Directory Discovery - T1420 (cf28ca46-1fd3-46b4-b1f6-ec0b72361848) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Replication Through Removable Media - T1458 (667e5707-3843-4da8-bd34-88b922526f0d) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) Attack Pattern 1
Compromise Application Executable - T1577 (d3bc5020-f6a2-41c0-8ccb-5e563101b60c) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Stored Application Data - T1409 (702055ac-4e54-4ae9-9527-e23a38e0b160) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Application Versioning - T1661 (28fdd23d-aee3-4afe-bc3f-5f1f52929258) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action URI Hijacking - T1635.001 (789ef15a-34d9-4b32-a779-8cbbc9eb32f5) Attack Pattern 1
Transmitted Data Manipulation - T1641.001 (74e6003f-c7f4-4047-983b-708cc19b96b6) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Geofencing - T1627.001 (e422b6fa-4739-46b9-992e-82f1b350c780) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Security Software Discovery - T1418.001 (1d44f529-6fe6-489f-8a01-6261ac43f05e) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Video Capture - T1512 (d8940e76-f9c1-4912-bea6-e21c251370b6) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Endpoint Denial of Service - T1642 (eb6cf439-1bcb-4d10-bc68-1eed844ed7b3) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action GUI Input Capture - T1417.002 (4c58b7c6-a839-4789-bda9-9de33e4d4512) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Adversary-in-the-Middle - T1638 (08e22979-d320-48ed-8711-e7bf94aabb13) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Device Administrator Permissions - T1626.001 (9c049d7b-c92a-4733-9381-27e2bd2ccadc) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Download New Code at Runtime - T1407 (6c49d50f-494d-4150-b774-a655022d20a6) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Wi-Fi Discovery - T1422.002 (be63612f-a48f-44f2-a7a6-1763509fcf80) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Process Discovery - T1424 (1b51f5bc-b97a-498a-8dbd-bc6b1901bf19) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Location Tracking - T1430 (99e6295e-741b-4857-b6e5-64989eb039b4) Attack Pattern 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Suppress Application Icon - T1628.001 (f05fc151-aa62-47e3-ae57-2d1b23d64bf6) Attack Pattern 1
Audio Capture - T1429 (6683aa0c-d98a-4f5b-ac57-ca7e9934a760) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Prevent Application Removal - T1629.001 (dc01774a-d1c1-45fb-b506-0a5d1d6593d9) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action Device Lockout - T1629.002 (acf8fd2a-dc98-43b4-8d37-64e10728e591) Attack Pattern 1
Broadcast Receivers - T1624.001 (3775a580-a1d1-46c4-8147-c614a715f2e9) Attack Pattern Event Triggered Execution - T1624 (d446b9f0-06a9-4a8d-97ee-298cfee84f14) Attack Pattern 2
Code Signing Policy Modification - T1632.001 (fcb11f06-ce0e-490b-bcc1-04a1623579f0) Attack Pattern Subvert Trust Controls - T1632 (79cb02f4-ac4e-4335-8b51-425c9573cce1) Attack Pattern 2
Steal Application Access Token - T1635 (233fe2c0-cb41-4765-b454-e0087597fbce) Attack Pattern URI Hijacking - T1635.001 (789ef15a-34d9-4b32-a779-8cbbc9eb32f5) Attack Pattern 2
Transmitted Data Manipulation - T1641.001 (74e6003f-c7f4-4047-983b-708cc19b96b6) Attack Pattern Data Manipulation - T1641 (c548d8c4-a0a3-4a24-bb79-2a84abbc7b36) Attack Pattern 2
Execution Guardrails - T1627 (498e7b81-238d-404c-aa5e-332904d63286) Attack Pattern Geofencing - T1627.001 (e422b6fa-4739-46b9-992e-82f1b350c780) Attack Pattern 2
Software Discovery - T1418 (198ce408-1470-45ee-b47f-7056050d4fc2) Attack Pattern Security Software Discovery - T1418.001 (1d44f529-6fe6-489f-8a01-6261ac43f05e) Attack Pattern 2
GUI Input Capture - T1417.002 (4c58b7c6-a839-4789-bda9-9de33e4d4512) Attack Pattern Input Capture - T1417 (a8c31121-852b-46bd-9ba4-674ae5afe7ad) Attack Pattern 2
Device Administrator Permissions - T1626.001 (9c049d7b-c92a-4733-9381-27e2bd2ccadc) Attack Pattern Abuse Elevation Control Mechanism - T1626 (08ea902d-ecb5-47ed-a453-2798057bb2d3) Attack Pattern 2
Wi-Fi Discovery - T1422.002 (be63612f-a48f-44f2-a7a6-1763509fcf80) Attack Pattern System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) Attack Pattern 2
Suppress Application Icon - T1628.001 (f05fc151-aa62-47e3-ae57-2d1b23d64bf6) Attack Pattern Hide Artifacts - T1628 (fc53309d-ebd5-4573-9242-57024ebdad4f) Attack Pattern 2
Prevent Application Removal - T1629.001 (dc01774a-d1c1-45fb-b506-0a5d1d6593d9) Attack Pattern Impair Defenses - T1629 (20b0931a-8952-42ca-975f-775bad295f1a) Attack Pattern 2
Impair Defenses - T1629 (20b0931a-8952-42ca-975f-775bad295f1a) Attack Pattern Device Lockout - T1629.002 (acf8fd2a-dc98-43b4-8d37-64e10728e591) Attack Pattern 2