Supply Chain Compromise: Compromise Software Supply Chain (T1195.002)
Tactic: Initial Access · Platforms: Linux, Windows, macOS
The interactive view maps 1 detection strategy, 2 mitigations, 9 threat groups, 3 software entries, 2 campaigns to this technique, alongside D3FEND countermeasures and data-component coverage.
Sub-technique of Supply Chain Compromise (T1195).
Overview
Adversaries may manipulate application software prior to receipt by a final consumer for the purpose of data or system compromise. Supply chain compromise of software can take place in a number of ways, including manipulation of the application source code, manipulation of the update/distribution mechanism for that software, or replacing compiled releases with a modified version.
Targeting may be specific to a desired victim set or may be distributed to a broad set of consumers but only move on to additional tactics on specific victims.