{ "schema_version": "atlas.navigator-manifest.v1", "generated_at": "2026-05-17T18:46:39.617Z", "caveat": "Based on MITRE ATLAS public data, not proof of any organization’s internal security maturity.", "source": { "repo_url": "https://github.com/mitre-atlas/atlas-data", "canonical_url": "https://atlas.mitre.org/", "maintenance_url": "https://github.com/mitre-atlas/atlas-data", "repo_commit": "8ee2c689a7d3c65ddf2bfe4950a4f3ecffa6f48b", "repo_tag": "v5.6.1", "yaml_version": "5.6.0", "release_date": "2026-05-05T21:59:10-04:00", "commit_message": "Release v5.6.1" }, "navigator_repo": { "repo_url": "https://github.com/mitre-atlas/atlas-navigator-data", "repo_commit": "6f66878fc7571c3ae2bb129cfd160568688b4a0c", "repo_tag": "v1.16.0", "release_date": "2026-04-30T18:45:56Z", "commit_message": "ATLAS 5.6.0 and ATT&CK 19.0" }, "summary": { "default_layers": 2, "case_study_layers": 57, "stix_files": 2, "opencti_bundles": 8, "total_files": 69 }, "default_layers": [ { "id": "atlas_layer_matrix", "label": "ATLAS Matrix", "path": "/data/external/atlas/navigator/atlas_layer_matrix.json", "bytes": 21089, "sha256": "2df4493ba362ecc4a4e77b892bcc059895104c521fc1b81cbf94b70272d4ae0e" }, { "id": "atlas_case_study_frequency", "label": "ATLAS Case Study Frequency", "path": "/data/external/atlas/navigator/atlas_case_study_frequency.json", "bytes": 19569, "sha256": "16cb86e1b05dbbe37ff3f5e245a30a8907b5a1a42b709f7250fce850cfbaeded" } ], "case_study_layers": [ { "id": "AML.CS0017", "label": "Bypassing ID.me Identity Verification", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0017.json", "bytes": 2225, "sha256": "c0215903781ae4cb53be614bbf0787851fb84a1991fe48138d0dc429f9237078", "case_study_type": "incident", "procedure_count": 3, "reference_count": 7 }, { "id": "AML.CS0047", "label": "Code to Deploy Destructive AI Agent Discovered in Amazon Q VS Code Extension", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0047.json", "bytes": 3664, "sha256": "3453e629f6224884fc13b8b206390782da500c80b7dc9b000b9b0473feb768a7", "case_study_type": "incident", "procedure_count": 7, "reference_count": 5 }, { "id": "AML.CS0016", "label": "Achieving Code Execution in MathGPT via Prompt Injection", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0016.json", "bytes": 3339, "sha256": "460180da1d43af10926a27dc6edda4b8c7281a03636a130d90ec5f0ad21b3ef8", "case_study_type": "exercise", "procedure_count": 9, "reference_count": 4 }, { "id": "AML.CS0028", "label": "AI Model Tampering via Supply Chain Attack", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0028.json", "bytes": 2236, "sha256": "7aba63d859a5d73b7e73c5e6c2dde428d0387badf5fce59184b36f7068d8f632", "case_study_type": "exercise", "procedure_count": 9, "reference_count": 4 }, { "id": "AML.CS0023", "label": "ShadowRay", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0023.json", "bytes": 2193, "sha256": "bfa38aa6a85794b719312f2d1c853ae538d701b7e63299022da27c7ce636809d", "case_study_type": "incident", "procedure_count": 7, "reference_count": 4 }, { "id": "AML.CS0030", "label": "LLM Jacking", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0030.json", "bytes": 2051, "sha256": "0f08a7604d1c118ccd9b3bda912142ae6748a09e8b10cd473cb93a2548578c1c", "case_study_type": "incident", "procedure_count": 7, "reference_count": 4 }, { "id": "AML.CS0022", "label": "ChatGPT Package Hallucination", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0022.json", "bytes": 1453, "sha256": "0c1694e7c7749de9d734952e2e66d4443ebaea04830ba774f70355b4d057ee5f", "case_study_type": "exercise", "procedure_count": 6, "reference_count": 4 }, { "id": "AML.CS0008", "label": "ProofPoint Evasion", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0008.json", "bytes": 1472, "sha256": "3f7175922fdbcda00c6ecd6d45f851d14d009ead652d55aea46b3a41a729c707", "case_study_type": "exercise", "procedure_count": 5, "reference_count": 4 }, { "id": "AML.CS0009", "label": "Tay Poisoning", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0009.json", "bytes": 1417, "sha256": "0d380f7d918d2e38390eb38c60cb7fced31d9c200455222c46f16c3253a9396b", "case_study_type": "incident", "procedure_count": 4, "reference_count": 4 }, { "id": "AML.CS0026", "label": "Financial Transaction Hijacking with M365 Copilot as an Insider", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0026.json", "bytes": 5771, "sha256": "75805b785d05546a92697fe2f7cf7eb95ee3050c6831843de6e1e95740d4d89d", "case_study_type": "exercise", "procedure_count": 14, "reference_count": 3 }, { "id": "AML.CS0005", "label": "Attack on Machine Translation Services", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0005.json", "bytes": 1933, "sha256": "aaa30a6fc77deabc80a797eaad19109e00d801689956121020f921a0cb3c330c", "case_study_type": "exercise", "procedure_count": 9, "reference_count": 3 }, { "id": "AML.CS0034", "label": "ProKYC: Deepfake Tool for Account Fraud Attacks", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0034.json", "bytes": 1934, "sha256": "bde311916530ae7b23d6fd75a5fdcc3ac1c73932646ce0da99167146bfe71ccf", "case_study_type": "incident", "procedure_count": 9, "reference_count": 3 }, { "id": "AML.CS0044", "label": "LAMEHUG: Malware Leveraging Dynamic AI-Generated Commands", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0044.json", "bytes": 2299, "sha256": "ea5ba829e07aa11cc9afbe80d53dac97b3a839b2f4d0070d4293738d7c9daca4", "case_study_type": "incident", "procedure_count": 8, "reference_count": 3 }, { "id": "AML.CS0006", "label": "ClearviewAI Misconfiguration", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0006.json", "bytes": 1856, "sha256": "732e35f1ade0cabdbf3832b521189a361072c3ac851208d594252252f172ad34", "case_study_type": "incident", "procedure_count": 4, "reference_count": 3 }, { "id": "AML.CS0037", "label": "Data Exfiltration via Agent Tools in Copilot Studio", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0037.json", "bytes": 3065, "sha256": "d2d7685b8752e24ae4dbe1ebfe920b4ab1e9c6da84b0c2420c1dfe962f19d3ba", "case_study_type": "exercise", "procedure_count": 14, "reference_count": 2 }, { "id": "AML.CS0052", "label": "LLMSmith: RCE Vulnerabilities in LLM-Integrated Applications", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0052.json", "bytes": 2301, "sha256": "a612bc5f56012e221bb5ce6e85d3f5df51ad986c7b6cb242232d452710a1f100", "case_study_type": "exercise", "procedure_count": 12, "reference_count": 2 }, { "id": "AML.CS0050", "label": "OpenClaw 1-Click Remote Code Execution", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0050.json", "bytes": 2892, "sha256": "51f30318709c08ea8eb18c501ca9449983d808a95ffdc72058d69d08052e7bab", "case_study_type": "exercise", "procedure_count": 9, "reference_count": 2 }, { "id": "AML.CS0001", "label": "Botnet Domain Generation Algorithm (DGA) Detection Evasion", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0001.json", "bytes": 1659, "sha256": "8ae1c0ce618185239b04227c72fc1b0284b80c80d03892ef42e2da874fa5d681", "case_study_type": "exercise", "procedure_count": 6, "reference_count": 2 }, { "id": "AML.CS0003", "label": "Bypassing Cylance's AI Malware Detection", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0003.json", "bytes": 1234, "sha256": "35fdabafe75051c1bca49cf788bb4b72900ba78ff5790c4408969127db2c629b", "case_study_type": "exercise", "procedure_count": 6, "reference_count": 2 }, { "id": "AML.CS0007", "label": "GPT-2 Model Replication", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0007.json", "bytes": 1631, "sha256": "49cadec5a6eeff8000e131b0691c8e8e344787f3ecdafd71993ee5c535713602", "case_study_type": "exercise", "procedure_count": 5, "reference_count": 2 }, { "id": "AML.CS0032", "label": "Attempted Evasion of ML Phishing Webpage Detection System", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0032.json", "bytes": 1956, "sha256": "452e866887481faa837dac39bec49410713f38c87af448a40917d2735c11178d", "case_study_type": "incident", "procedure_count": 4, "reference_count": 2 }, { "id": "AML.CS0015", "label": "Compromised PyTorch Dependency Chain", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0015.json", "bytes": 1421, "sha256": "2307d2fd0261289d6c9c53e3870065222bbd1e3f9fbf76bcc3425a347367a35c", "case_study_type": "incident", "procedure_count": 3, "reference_count": 2 }, { "id": "AML.CS0051", "label": "OpenClaw Command & Control via Prompt Injection", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0051.json", "bytes": 2894, "sha256": "68c09aad6be3bf060bd1434d4ad3ad99bdaf47f7255f4f691d7f34402cdffa3d", "case_study_type": "exercise", "procedure_count": 18, "reference_count": 1 }, { "id": "AML.CS0027", "label": "Organization Confusion on Hugging Face", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0027.json", "bytes": 3003, "sha256": "2f9c3f396aaa699f5ce5711891c0ce06812691d879b30d7394013dce4394c37e", "case_study_type": "exercise", "procedure_count": 16, "reference_count": 1 }, { "id": "AML.CS0036", "label": "AIKatz: Attacking LLM Desktop Applications", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0036.json", "bytes": 2731, "sha256": "f17ae54d30b7beffa32475d43a177b3a87e4b8bf22de7898f98278db1e2d71b2", "case_study_type": "exercise", "procedure_count": 13, "reference_count": 1 }, { "id": "AML.CS0045", "label": "Data Exfiltration via an MCP Server used by Cursor", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0045.json", "bytes": 2205, "sha256": "86451ac655734a788317fe698e9008c8e7ac1f71f5844a6d896257220ba649a2", "case_study_type": "exercise", "procedure_count": 11, "reference_count": 1 }, { "id": "AML.CS0049", "label": "Supply Chain Compromise via Poisoned ClawdBot Skill", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0049.json", "bytes": 2260, "sha256": "48c037fadbceccda7cc44d805832af38a16dbfaa12e891a174bd168fdbd3a0c0", "case_study_type": "exercise", "procedure_count": 11, "reference_count": 1 }, { "id": "AML.CS0013", "label": "Backdoor Attack on Deep Learning Models in Mobile Apps", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0013.json", "bytes": 2024, "sha256": "c2a8454135e1526b29549d61ac7157e826dd1fa8facb581c69e30aba0ffa8b4a", "case_study_type": "exercise", "procedure_count": 10, "reference_count": 1 }, { "id": "AML.CS0048", "label": "Exposed ClawdBot Control Interfaces Leads to Credential Access and Execution", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0048.json", "bytes": 3562, "sha256": "ad075524c23fef7d940c09dc4f2c274e76e8e2a62f32c403de4e1aacba3c56bb", "case_study_type": "exercise", "procedure_count": 10, "reference_count": 1 }, { "id": "AML.CS0014", "label": "Confusing Antimalware Neural Networks", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0014.json", "bytes": 1955, "sha256": "e4970c64d2c8b6445040d0d90b2032f2477ac8d8d40d5adceb6ca4e6cfead1b9", "case_study_type": "exercise", "procedure_count": 9, "reference_count": 1 }, { "id": "AML.CS0041", "label": "Rules File Backdoor: Supply Chain Attack on AI Coding Assistants", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0041.json", "bytes": 2330, "sha256": "99a39f5edb7feebcee19d635fbdb482798203fee9e4a3724ac5ecab941d1231b", "case_study_type": "exercise", "procedure_count": 9, "reference_count": 1 }, { "id": "AML.CS0053", "label": "Poisoned Postmark MCP Server Email Exfiltration", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0053.json", "bytes": 2342, "sha256": "73488562920138d201d57fad9d90c0e2729525e878ec2ecbd5bfe7d23e7ca608", "case_study_type": "incident", "procedure_count": 9, "reference_count": 1 }, { "id": "AML.CS0054", "label": "Data Exfiltration via Remote Poisoned MCP Tool", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0054.json", "bytes": 2139, "sha256": "f30a8bacaf7aabdfeddbe1df357c063608b24c4b1a0812f7df8c46b5db772f1b", "case_study_type": "exercise", "procedure_count": 9, "reference_count": 1 }, { "id": "AML.CS0004", "label": "Camera Hijack Attack on Facial Recognition System", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0004.json", "bytes": 1687, "sha256": "2bec7f8402b539a9607c00ac19fd4294e50880aa945c7bd4b002d9129b116e77", "case_study_type": "incident", "procedure_count": 8, "reference_count": 1 }, { "id": "AML.CS0018", "label": "Arbitrary Code Execution with Google Colab", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0018.json", "bytes": 2638, "sha256": "83545474e82070301a4e8631f6038ea62c1777375e382af155f0865f0fc71f3e", "case_study_type": "exercise", "procedure_count": 8, "reference_count": 1 }, { "id": "AML.CS0035", "label": "Data Exfiltration from Slack AI via Indirect Prompt Injection", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0035.json", "bytes": 2430, "sha256": "a46c557fa98513309e9da3cc37e384d07650e43ec08a6595c77a32d175f54940", "case_study_type": "exercise", "procedure_count": 8, "reference_count": 1 }, { "id": "AML.CS0039", "label": "Living Off AI: Prompt Injection via Jira Service Management", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0039.json", "bytes": 1932, "sha256": "a6aca74e7359365565c7b5e7f5d4a1566e79b389dcbf83c15433f69888478acd", "case_study_type": "exercise", "procedure_count": 8, "reference_count": 1 }, { "id": "AML.CS0043", "label": "Malware Prototype with Embedded Prompt Injection", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0043.json", "bytes": 2812, "sha256": "0d8f49bdd9c3663947c547f0e2b7b69c6e117c1936c518571db1d5cc03b0e086", "case_study_type": "incident", "procedure_count": 8, "reference_count": 1 }, { "id": "AML.CS0055", "label": "AI ClickFix: Hijacking Computer-Use Agents Using ClickFix", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0055.json", "bytes": 2398, "sha256": "e88941c9cdcd983be3569d587fe61f4899e6226d15a69f8375add1cf026fe8f8", "case_study_type": "exercise", "procedure_count": 8, "reference_count": 1 }, { "id": "AML.CS0019", "label": "PoisonGPT", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0019.json", "bytes": 1507, "sha256": "6839748d735e2d363883facbe2699b007d29ee60e5e5e2de4b80cc33b1357c22", "case_study_type": "exercise", "procedure_count": 7, "reference_count": 1 }, { "id": "AML.CS0021", "label": "ChatGPT Conversation Exfiltration", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0021.json", "bytes": 1839, "sha256": "8b9bd28baf8e7bd3e3a31d649a695406e22927ebab02de10123962437c790d9d", "case_study_type": "exercise", "procedure_count": 7, "reference_count": 1 }, { "id": "AML.CS0024", "label": "Morris II Worm: RAG-Based Attack", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0024.json", "bytes": 2169, "sha256": "905e20969214d61093ec74350b8ad6fd6d131ff331d864b1f4445a765deefe6e", "case_study_type": "exercise", "procedure_count": 7, "reference_count": 1 }, { "id": "AML.CS0029", "label": "Google Bard Conversation Exfiltration", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0029.json", "bytes": 2098, "sha256": "c859ef9525d4d03961d7830f9b4b922e775abb4feee78b11ab98009e287a5730", "case_study_type": "exercise", "procedure_count": 7, "reference_count": 1 }, { "id": "AML.CS0040", "label": "Hacking ChatGPT’s Memories with Prompt Injection", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0040.json", "bytes": 1808, "sha256": "cd5ffd05180ad44c429a2002093ed28c4e9c0350acc0dd79332cccd795bd6631", "case_study_type": "exercise", "procedure_count": 7, "reference_count": 1 }, { "id": "AML.CS0046", "label": "Data Destruction via Indirect Prompt Injection Targeting Claude Computer-Use", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0046.json", "bytes": 2563, "sha256": "1a7594da7a1a15eea72571efd6ec321b1a0bbeb736bd714c9c9f07baddf00cef", "case_study_type": "exercise", "procedure_count": 7, "reference_count": 1 }, { "id": "AML.CS0056", "label": "Model Distillation Campaigns Targeting Anthropic Claude", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0056.json", "bytes": 1989, "sha256": "b9ef80de0822c3260f63e56b9b0e88316f39c4b28c639bb5017db4b35694041d", "case_study_type": "incident", "procedure_count": 7, "reference_count": 1 }, { "id": "AML.CS0000", "label": "Evasion of Deep Learning Detector for Malware C&C Traffic", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0000.json", "bytes": 1477, "sha256": "cb2e1a230954ad5e0fcfeffeb13f4468575e36c68aaae568953259e69879d68a", "case_study_type": "exercise", "procedure_count": 6, "reference_count": 1 }, { "id": "AML.CS0025", "label": "Web-Scale Data Poisoning: Split-View Attack", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0025.json", "bytes": 1724, "sha256": "8552a61c2c9c0922b879eb57ce9a9718dc4037b7c882048149a47bea676210e9", "case_study_type": "exercise", "procedure_count": 6, "reference_count": 1 }, { "id": "AML.CS0031", "label": "Malicious Models on Hugging Face", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0031.json", "bytes": 2036, "sha256": "626def8c8d7ef4b6234fe8d8dae7490dddc711b77477155f8dd641103501c9c9", "case_study_type": "incident", "procedure_count": 6, "reference_count": 1 }, { "id": "AML.CS0038", "label": "Planting Instructions for Delayed Automatic AI Agent Tool Invocation", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0038.json", "bytes": 1435, "sha256": "92533cdb827c63aee4cbddd57290e748252400e108f57412bdec0c12c0fa96f8", "case_study_type": "exercise", "procedure_count": 6, "reference_count": 1 }, { "id": "AML.CS0020", "label": "Indirect Prompt Injection Threats: Bing Chat Data Pirate", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0020.json", "bytes": 1780, "sha256": "ab445ea31651ee19c188186e61ea19fe9a3d66625b964d992e7506b11805779c", "case_study_type": "exercise", "procedure_count": 5, "reference_count": 1 }, { "id": "AML.CS0042", "label": "SesameOp: Novel backdoor uses OpenAI Assistants API for command and control", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0042.json", "bytes": 1313, "sha256": "d3b76a8ce551b81b5418c18a6ced1e1ec905129e7dd43c1afdfecd364249c481", "case_study_type": "incident", "procedure_count": 1, "reference_count": 1 }, { "id": "AML.CS0012", "label": "Face Identification System Evasion via Physical Countermeasures", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0012.json", "bytes": 1939, "sha256": "9934321bae7d4be5c0801476391a081aac950a474038f14a21391d2612d11bbc", "case_study_type": "exercise", "procedure_count": 10, "reference_count": 0 }, { "id": "AML.CS0033", "label": "Live Deepfake Image Injection to Evade Mobile KYC Verification", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0033.json", "bytes": 2148, "sha256": "c23e96e5cd79e8ddd3a38cecb67226eb475303d872f53a35e0dbe19b569964a0", "case_study_type": "exercise", "procedure_count": 10, "reference_count": 0 }, { "id": "AML.CS0010", "label": "Microsoft Azure Service Disruption", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0010.json", "bytes": 1757, "sha256": "d85248bd3571b7f8b2dc0eb091944602d083821600f26dd55a443d45ae7fdb81", "case_study_type": "exercise", "procedure_count": 8, "reference_count": 0 }, { "id": "AML.CS0011", "label": "Microsoft Edge AI Evasion", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0011.json", "bytes": 1252, "sha256": "33b9d16d0c7516a2db518c74c3825d25b0842cdf48a3e219ce0ac0ee61f88fa7", "case_study_type": "exercise", "procedure_count": 5, "reference_count": 0 }, { "id": "AML.CS0002", "label": "VirusTotal Poisoning", "path": "/data/external/atlas/navigator/case-study-navigator-layers/AML.CS0002.json", "bytes": 1586, "sha256": "18ddc3fd77005eab97095574c63978db3aff55a405f8da353145e5ee3f3747ad", "case_study_type": "incident", "procedure_count": 4, "reference_count": 0 } ], "stix_files": [ { "id": "stix_atlas", "label": "ATLAS STIX bundle", "path": "/data/external/atlas/navigator/stix/stix-atlas.json", "bytes": 453536, "sha256": "a1bd782257de3c8591797ac863aa9b37fe4ae42ef9284bee98bfc2661fdd1c06", "object_types": [ { "type": "relationship", "count": 315 }, { "type": "attack-pattern", "count": 170 }, { "type": "course-of-action", "count": 35 }, { "type": "x-mitre-tactic", "count": 16 }, { "type": "x-mitre-collection", "count": 1 }, { "type": "x-mitre-matrix", "count": 1 } ] }, { "id": "stix_atlas_attack_enterprise", "label": "ATLAS + ATT&CK Enterprise STIX bundle", "path": "/data/external/atlas/navigator/stix/stix-atlas-attack-enterprise.json", "bytes": 39917769, "sha256": "b501c8cf8f09e4916fb02f2e9a941f5270aae1430a262ff565b4f92aa853b106", "object_types": [ { "type": "relationship", "count": 21341 }, { "type": "x-mitre-analytic", "count": 1758 }, { "type": "attack-pattern", "count": 1028 }, { "type": "malware", "count": 729 }, { "type": "x-mitre-detection-strategy", "count": 699 }, { "type": "course-of-action", "count": 303 }, { "type": "intrusion-set", "count": 189 }, { "type": "x-mitre-data-component", "count": 109 }, { "type": "tool", "count": 95 }, { "type": "campaign", "count": 56 }, { "type": "x-mitre-data-source", "count": 38 }, { "type": "x-mitre-tactic", "count": 31 }, { "type": "x-mitre-collection", "count": 2 }, { "type": "identity", "count": 1 }, { "type": "marking-definition", "count": 1 }, { "type": "x-mitre-matrix", "count": 1 } ] } ], "opencti_bundles": [ { "id": "AMLCS0010_ Microsoft Azure Service Disruption_full", "label": "MITRE ATLAS Case Study: Microsoft Azure Service Disruption", "path": "/data/external/atlas/navigator/opencti-bundles/AMLCS0010_ Microsoft Azure Service Disruption_full.json", "bytes": 20030, "sha256": "4c757d71616ea9b2ec97894560fe92195171bce410fd9e25ee95f42ea2882ce0", "report_id": "report--2a5fab52-5c12-56b2-8ca2-5e1e3c8ae6bb", "report_name": "MITRE ATLAS Case Study: Microsoft Azure Service Disruption", "labels": [ "mitre atlas source", "aml.cs0010" ], "object_types": [ { "type": "attack-pattern", "count": 8 }, { "type": "marking-definition", "count": 2 }, { "type": "identity", "count": 1 }, { "type": "incident", "count": 1 }, { "type": "report", "count": 1 } ] }, { "id": "AMLCS0011_ Microsoft Edge AI Evasion_full", "label": "MITRE ATLAS Case Study: Microsoft Edge AI Evasion", "path": "/data/external/atlas/navigator/opencti-bundles/AMLCS0011_ Microsoft Edge AI Evasion_full.json", "bytes": 15895, "sha256": "6991e897b3057914c9cc42484731530dfd221bd5cbd6af1b1079b3e5cb0441dd", "report_id": "report--9a28fd71-78d9-5894-b034-5fadba6c55ad", "report_name": "MITRE ATLAS Case Study: Microsoft Edge AI Evasion", "labels": [ "mitre atlas source", "aml.cs0011" ], "object_types": [ { "type": "attack-pattern", "count": 5 }, { "type": "marking-definition", "count": 2 }, { "type": "identity", "count": 1 }, { "type": "incident", "count": 1 }, { "type": "report", "count": 1 } ] }, { "id": "AMLCS0012_ Face Identification System Evasion via Physical Countermeasures_full", "label": "MITRE ATLAS Case Study: Face Identification System Evasion via Physical Countermeasures", "path": "/data/external/atlas/navigator/opencti-bundles/AMLCS0012_ Face Identification System Evasion via Physical Countermeasures_full.json", "bytes": 22326, "sha256": "bae5c84849f7c6e55b051bde546df818eac79f4e8f135dcf3f3b446a7e4ffca3", "report_id": "report--19c56ce1-da39-5c22-82aa-8ef99fe20770", "report_name": "MITRE ATLAS Case Study: Face Identification System Evasion via Physical Countermeasures", "labels": [ "mitre atlas source", "aml.cs0012" ], "object_types": [ { "type": "attack-pattern", "count": 9 }, { "type": "marking-definition", "count": 2 }, { "type": "identity", "count": 1 }, { "type": "incident", "count": 1 }, { "type": "report", "count": 1 } ] }, { "id": "AMLCS0017_Report-New Jersey Man Indicted in Fraud Scheme to Steal California Unemployment", "label": "New Jersey Man Indicted in Fraud Scheme to Steal California Unemployment Insurance Benefits", "path": "/data/external/atlas/navigator/opencti-bundles/AMLCS0017_Report-New Jersey Man Indicted in Fraud Scheme to Steal California Unemployment.json", "bytes": 28805, "sha256": "610fbe869ca8fb8d1600d9d4ee04741150c1c348c3833cbd27216d32867115c0", "report_id": "report--bde9c7ee-5b75-51d8-8e04-b1f8f934e255", "report_name": "New Jersey Man Indicted in Fraud Scheme to Steal California Unemployment Insurance Benefits", "labels": [ "aml.cs0017", "mitre atlas source" ], "object_types": [ { "type": "relationship", "count": 8 }, { "type": "attack-pattern", "count": 3 }, { "type": "identity", "count": 3 }, { "type": "marking-definition", "count": 2 }, { "type": "incident", "count": 1 }, { "type": "infrastructure", "count": 1 }, { "type": "report", "count": 1 } ] }, { "id": "AMLCS0018_Report-Careful Who You Colab With_ abusing google colaboratory_full", "label": "Careful Who You Colab With: abusing google colaboratory", "path": "/data/external/atlas/navigator/opencti-bundles/AMLCS0018_Report-Careful Who You Colab With_ abusing google colaboratory_full.json", "bytes": 53884, "sha256": "333d5ccff0f684f2203f63dfcac0223bce5ef93f183e94f1a90ef581688ec112", "report_id": "report--2147a19c-bae2-540a-b737-5f16267edb61", "report_name": "Careful Who You Colab With: abusing google colaboratory", "labels": [ "aml.cs0018", "mitre atlas source" ], "object_types": [ { "type": "relationship", "count": 14 }, { "type": "attack-pattern", "count": 8 }, { "type": "identity", "count": 3 }, { "type": "infrastructure", "count": 3 }, { "type": "marking-definition", "count": 2 }, { "type": "incident", "count": 1 }, { "type": "report", "count": 1 } ] }, { "id": "AMLCS0019_Report-PoisonGPT_ How We Hid a Lobotomized LLM on Hugging Face to Spread Fake News_full", "label": "PoisonGPT: How We Hid a Lobotomized LLM on Hugging Face to Spread Fake News", "path": "/data/external/atlas/navigator/opencti-bundles/AMLCS0019_Report-PoisonGPT_ How We Hid a Lobotomized LLM on Hugging Face to Spread Fake News_full.json", "bytes": 46048, "sha256": "f169b50a5519d619179af0a5ee66904f9fda25d375050ff1cf9d002c62afb297", "report_id": "report--5f27a3b3-c9dc-5a0f-80ae-4efe5f75bc5c", "report_name": "PoisonGPT: How We Hid a Lobotomized LLM on Hugging Face to Spread Fake News", "labels": [ "aml.cs0019", "mitre atlas source" ], "object_types": [ { "type": "relationship", "count": 13 }, { "type": "attack-pattern", "count": 7 }, { "type": "infrastructure", "count": 2 }, { "type": "marking-definition", "count": 2 }, { "type": "identity", "count": 1 }, { "type": "incident", "count": 1 }, { "type": "report", "count": 1 } ] }, { "id": "AMLCS0020_Report-Indirect Prompt Injection Threats_ Bing Chat Data Pirate_full", "label": "Indirect Prompt Injection Threats: Bing Chat Data Pirate", "path": "/data/external/atlas/navigator/opencti-bundles/AMLCS0020_Report-Indirect Prompt Injection Threats_ Bing Chat Data Pirate_full.json", "bytes": 24307, "sha256": "4f6b95a6d09b989365218b557d8c61b7b8ad5483eeda787581fe8fbffc017a57", "report_id": "report--34ca3a5c-2ea5-5cba-9603-537db3e911ed", "report_name": "Indirect Prompt Injection Threats: Bing Chat Data Pirate", "labels": [ "aml.cs0020", "mitre atlas source" ], "object_types": [ { "type": "relationship", "count": 6 }, { "type": "attack-pattern", "count": 4 }, { "type": "marking-definition", "count": 2 }, { "type": "identity", "count": 1 }, { "type": "incident", "count": 1 }, { "type": "infrastructure", "count": 1 }, { "type": "report", "count": 1 } ] }, { "id": "AMLCS0021_Report-ChatGPT Plugins_ Data Exfiltration via Images & Cross Plugin Request Forgery_full", "label": "ChatGPT Plugins: Data Exfiltration via Images & Cross Plugin Request Forgery", "path": "/data/external/atlas/navigator/opencti-bundles/AMLCS0021_Report-ChatGPT Plugins_ Data Exfiltration via Images & Cross Plugin Request Forgery_full.json", "bytes": 39598, "sha256": "b4c4a88418831dcec1cc9722ec5bb6e65847624f25132e2d009ae535ef5d369d", "report_id": "report--d8bc5a30-cb37-52e6-b0f8-3ca11a5e36af", "report_name": "ChatGPT Plugins: Data Exfiltration via Images & Cross Plugin Request Forgery", "labels": [ "aml.cs0021", "mitre atlas source", "ml-ready" ], "object_types": [ { "type": "relationship", "count": 10 }, { "type": "attack-pattern", "count": 6 }, { "type": "identity", "count": 3 }, { "type": "marking-definition", "count": 2 }, { "type": "vulnerability", "count": 2 }, { "type": "incident", "count": 1 }, { "type": "infrastructure", "count": 1 }, { "type": "report", "count": 1 } ] } ] }