pan-unit42 / playbook_viewer

MIT License

Any plans to update deprecated MITRE Techniques? #4

Closed borgendorf closed 5 years ago

borgendorf commented 5 years ago

As we've been building a tool to display your awesome playbook data, we've noticed that in older campaigns, the MITRE Techniques that are referenced have been deprecated. Are there any plans to go back and update them to the current Technique? One example that stands out is how Phishing was deprecated and replaced with Phishing with Link and Phishing with Attachment.

I can also see the other side of the argument for keeping the historical technique at the time it occurred, but I was just curious if it had come up in your planning. Thanks!

eiyuki commented 5 years ago

We plan to update deprecated MITRE techniques but do not have a timeframe for doing so.

Using the techniques you listed, the deprecated technique Spear phishing messages with malicious attachments has a very close replacement, Spearphishing Attachment. However, there is nothing in the JSON that would indicate it is a replacement.

Another technique such as Deploy exploit using advertising does not have a clear replacement.

Determining a replacement is a manual process.
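
An added example (not code from the playbook_viewer project or from either commenter) of auditing a playbook bundle against ATT&CK STIX data: objects marked `revoked` are resolved through `revoked-by` relationships, while objects marked `x_mitre_deprecated` carry no successor pointer and are flagged for the manual mapping described above. The bundles, STIX ids and the revoked technique are constructed, and the playbook being a STIX bundle of `attack-pattern` objects is an assumption.

```python
# Constructed sample data. STIX ids are placeholders, not real ATT&CK ids.
ATTACK = {"objects": [
    {"type": "attack-pattern", "id": "attack-pattern--d1", "x_mitre_deprecated": True,
     "name": "Spear phishing messages with malicious attachments"},
    {"type": "attack-pattern", "id": "attack-pattern--d2", "x_mitre_deprecated": True,
     "name": "Deploy exploit using advertising"},
    {"type": "attack-pattern", "id": "attack-pattern--r1", "revoked": True,
     "name": "Constructed revoked technique"},
    {"type": "attack-pattern", "id": "attack-pattern--c1", "name": "Constructed replacement technique"},
    {"type": "attack-pattern", "id": "attack-pattern--c2", "name": "Spearphishing Attachment"},
    {"type": "relationship", "id": "relationship--1", "relationship_type": "revoked-by",
     "source_ref": "attack-pattern--r1", "target_ref": "attack-pattern--c1"},
]}
PLAYBOOK = {"objects": [  # constructed playbook bundle referencing four techniques
    {"type": "attack-pattern", "id": i} for i in (
        "attack-pattern--d1", "attack-pattern--d2", "attack-pattern--r1", "attack-pattern--c2")
]}


def audit_playbook(playbook, attack):
    """Return (name, status, replacement_name) for each stale technique."""
    techniques = {o["id"]: o for o in attack["objects"] if o["type"] == "attack-pattern"}
    revoked_by = {o["source_ref"]: o["target_ref"] for o in attack["objects"]
                  if o["type"] == "relationship" and o.get("relationship_type") == "revoked-by"}
    findings = []
    for obj in playbook["objects"]:
        if obj.get("type") != "attack-pattern":
            continue
        ref = techniques.get(obj["id"])
        if ref is None:
            findings.append((obj["id"], "not-in-attack", None))
        elif ref.get("revoked"):
            # Follow revoked-by links to the live object; guard against cycles.
            cur, seen = obj["id"], set()
            while cur in revoked_by and cur not in seen:
                seen.add(cur)
                cur = revoked_by[cur]
            live = techniques.get(cur, {})
            ok = cur != obj["id"] and not live.get("revoked") and not live.get("x_mitre_deprecated")
            findings.append((ref["name"], "revoked", live.get("name") if ok else None))
        elif ref.get("x_mitre_deprecated"):
            # Deprecated objects carry no pointer to a successor: manual mapping.
            findings.append((ref["name"], "deprecated", None))
    return findings


if __name__ == "__main__":
    for name, status, replacement in audit_playbook(PLAYBOOK, ATTACK):
        print(f"{status:12} {name} -> {replacement or 'manual review'}")
```

A `None` replacement means no successor could be derived from the data, which is the case for both deprecated techniques named in this thread.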

borgendorf commented 5 years ago

Thanks!