CAPEC 562 Modify Shared File

Description

🇬🇧 English Original 🇮🇹 Italiano AI Translated

An adversary manipulates the files in a shared location by adding malicious programs, scripts, or exploit code to valid content. Once a user opens the shared content, the tainted content is executed.

AI Generated Translation

Un adversary manipola i file in una posizione condivisa aggiungendo programmi dannosi, script o codice di exploit al contenuto valido. Una volta che un utente apre il contenuto condiviso, il contenuto infetto viene eseguito.

Mitigations

1

Disallow Shared Content. Protect Shared Folders By Minimizing Users That Have Write Access. Use Utilities That Mitigate Exploitation Like The Microsoft Enhanced Mitigation Experience Toolkit (Emet) To Prevent Exploits From Being Run.

Consequences

Consequence Information

{'impacts': [], 'impacts_translate': [], 'scopes': [], 'scopes_translate': []}

Relationships

Parent CAPECs

CAPEC-17

Related ATT&CK Techniques

1

T1080

Taint Shared Content

Adversaries may deliver payloads to remote systems by adding content to shared storage locations, such as network drives or internal …