Skip to content

Hide Navigation Hide TOC

Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564)

New mobile operating system versions bring not only patches against discovered vulnerabilities but also often bring security architecture improvements that provide resilience against potential vulnerabilities or weaknesses that have not yet been discovered. They may also bring improvements that block use of observed adversary techniques.

Cluster A Galaxy A Cluster B Galaxy B Level
Stored Application Data - T1409 (702055ac-4e54-4ae9-9527-e23a38e0b160) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Compromise Application Executable - T1577 (d3bc5020-f6a2-41c0-8ccb-5e563101b60c) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
URI Hijacking - T1635.001 (789ef15a-34d9-4b32-a779-8cbbc9eb32f5) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Transmitted Data Manipulation - T1641.001 (74e6003f-c7f4-4047-983b-708cc19b96b6) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Application Versioning - T1661 (28fdd23d-aee3-4afe-bc3f-5f1f52929258) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Geofencing - T1627.001 (e422b6fa-4739-46b9-992e-82f1b350c780) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Security Software Discovery - T1418.001 (1d44f529-6fe6-489f-8a01-6261ac43f05e) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Video Capture - T1512 (d8940e76-f9c1-4912-bea6-e21c251370b6) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Endpoint Denial of Service - T1642 (eb6cf439-1bcb-4d10-bc68-1eed844ed7b3) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
GUI Input Capture - T1417.002 (4c58b7c6-a839-4789-bda9-9de33e4d4512) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Adversary-in-the-Middle - T1638 (08e22979-d320-48ed-8711-e7bf94aabb13) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Device Administrator Permissions - T1626.001 (9c049d7b-c92a-4733-9381-27e2bd2ccadc) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Download New Code at Runtime - T1407 (6c49d50f-494d-4150-b774-a655022d20a6) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Suppress Application Icon - T1628.001 (f05fc151-aa62-47e3-ae57-2d1b23d64bf6) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Location Tracking - T1430 (99e6295e-741b-4857-b6e5-64989eb039b4) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Wi-Fi Discovery - T1422.002 (be63612f-a48f-44f2-a7a6-1763509fcf80) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Prevent Application Removal - T1629.001 (dc01774a-d1c1-45fb-b506-0a5d1d6593d9) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Process Discovery - T1424 (1b51f5bc-b97a-498a-8dbd-bc6b1901bf19) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Audio Capture - T1429 (6683aa0c-d98a-4f5b-ac57-ca7e9934a760) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Device Lockout - T1629.002 (acf8fd2a-dc98-43b4-8d37-64e10728e591) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Execution Guardrails - T1627 (498e7b81-238d-404c-aa5e-332904d63286) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Protected User Data - T1636 (11c2c2b7-1fd4-408f-bc2e-fe772ef9df5e) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Subvert Trust Controls - T1632 (79cb02f4-ac4e-4335-8b51-425c9573cce1) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Steal Application Access Token - T1635 (233fe2c0-cb41-4765-b454-e0087597fbce) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Clipboard Data - T1414 (c4b96c0b-cb58-497a-a1c2-bb447d79d692) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Broadcast Receivers - T1624.001 (3775a580-a1d1-46c4-8147-c614a715f2e9) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Data Manipulation - T1641 (c548d8c4-a0a3-4a24-bb79-2a84abbc7b36) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Input Capture - T1417 (a8c31121-852b-46bd-9ba4-674ae5afe7ad) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Event Triggered Execution - T1624 (d446b9f0-06a9-4a8d-97ee-298cfee84f14) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Code Signing Policy Modification - T1632.001 (fcb11f06-ce0e-490b-bcc1-04a1623579f0) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Software Discovery - T1418 (198ce408-1470-45ee-b47f-7056050d4fc2) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
File and Directory Discovery - T1420 (cf28ca46-1fd3-46b4-b1f6-ec0b72361848) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
Replication Through Removable Media - T1458 (667e5707-3843-4da8-bd34-88b922526f0d) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) Attack Pattern Use Recent OS Version - M1006 (0beabf44-e8d8-4ae4-9122-ef56369a2564) Course of Action 1
URI Hijacking - T1635.001 (789ef15a-34d9-4b32-a779-8cbbc9eb32f5) Attack Pattern Steal Application Access Token - T1635 (233fe2c0-cb41-4765-b454-e0087597fbce) Attack Pattern 2
Data Manipulation - T1641 (c548d8c4-a0a3-4a24-bb79-2a84abbc7b36) Attack Pattern Transmitted Data Manipulation - T1641.001 (74e6003f-c7f4-4047-983b-708cc19b96b6) Attack Pattern 2
Geofencing - T1627.001 (e422b6fa-4739-46b9-992e-82f1b350c780) Attack Pattern Execution Guardrails - T1627 (498e7b81-238d-404c-aa5e-332904d63286) Attack Pattern 2
Security Software Discovery - T1418.001 (1d44f529-6fe6-489f-8a01-6261ac43f05e) Attack Pattern Software Discovery - T1418 (198ce408-1470-45ee-b47f-7056050d4fc2) Attack Pattern 2
Input Capture - T1417 (a8c31121-852b-46bd-9ba4-674ae5afe7ad) Attack Pattern GUI Input Capture - T1417.002 (4c58b7c6-a839-4789-bda9-9de33e4d4512) Attack Pattern 2
Device Administrator Permissions - T1626.001 (9c049d7b-c92a-4733-9381-27e2bd2ccadc) Attack Pattern Abuse Elevation Control Mechanism - T1626 (08ea902d-ecb5-47ed-a453-2798057bb2d3) Attack Pattern 2
Suppress Application Icon - T1628.001 (f05fc151-aa62-47e3-ae57-2d1b23d64bf6) Attack Pattern Hide Artifacts - T1628 (fc53309d-ebd5-4573-9242-57024ebdad4f) Attack Pattern 2
Wi-Fi Discovery - T1422.002 (be63612f-a48f-44f2-a7a6-1763509fcf80) Attack Pattern System Network Configuration Discovery - T1422 (d4536441-1bcc-49fa-80ae-a596ed3f7ffd) Attack Pattern 2
Impair Defenses - T1629 (20b0931a-8952-42ca-975f-775bad295f1a) Attack Pattern Prevent Application Removal - T1629.001 (dc01774a-d1c1-45fb-b506-0a5d1d6593d9) Attack Pattern 2
Impair Defenses - T1629 (20b0931a-8952-42ca-975f-775bad295f1a) Attack Pattern Device Lockout - T1629.002 (acf8fd2a-dc98-43b4-8d37-64e10728e591) Attack Pattern 2
Broadcast Receivers - T1624.001 (3775a580-a1d1-46c4-8147-c614a715f2e9) Attack Pattern Event Triggered Execution - T1624 (d446b9f0-06a9-4a8d-97ee-298cfee84f14) Attack Pattern 2
Subvert Trust Controls - T1632 (79cb02f4-ac4e-4335-8b51-425c9573cce1) Attack Pattern Code Signing Policy Modification - T1632.001 (fcb11f06-ce0e-490b-bcc1-04a1623579f0) Attack Pattern 2