{ "version": "1.0", "hash": "d10f8543d9c1409030d81adfc7c1700f", "data": [ { "id": "CTEM-BND-1", "link": "https://ctem.org/docs/ctem-bnd-1", "title": "CTEM-BND-1 - Counterfeit Product Offered for Sale or Use", "description": "Counterfeit versions of an organization's products are being sold, often without authorization, on dark web marketplaces, online pharmacies, or mainstream e-commerce platforms.", "updated_at": "12/5/2024" }, { "id": "CTEM-CRD-1", "link": "https://ctem.org/docs/ctem-crd-1", "title": "CTEM-CRD-1 - Employee Credentials Dumped Publicly", "description": "Credentials and hostname exposed on public platforms.", "updated_at": "12/5/2024" }, { "id": "CTEM-CRD-2", "link": "https://ctem.org/docs/ctem-crd-2", "title": "CTEM-CRD-2 - Vendor System Dump with Credentials", "description": "Credentials and hostname exposed on public platforms.", "updated_at": "12/5/2024" }, { "id": "CTEM-DOM-1", "link": "https://ctem.org/docs/ctem-dom-1", "title": "CTEM-DOM-1 - Typo-Squatted Domain", "description": "domains that closely resemble legitimate domains but contain slight misspellings or variations.", "updated_at": "2/19/2025" }, { "id": "CTEM-DOM-2", "link": "https://ctem.org/docs/ctem-dom-2", "title": "CTEM-DOM-2 - Homoglyph Attack Domain", "description": "domains that exploit characters that look visually similar to those in a legitimate domain name.", "updated_at": "2/19/2025" }, { "id": "CTEM-DOM-3", "link": "https://ctem.org/docs/ctem-dom-3", "title": "CTEM-DOM-3 - Phishing Indicator Domain", "description": "domains that exhibit characteristics suggesting they are intended for phishing activities.", "updated_at": "2/19/2025" }, { "id": "CTEM-DOM-4", "link": "https://ctem.org/docs/ctem-dom-4", "title": "CTEM-DOM-4 - Brand Impersonation Domain", "description": "domains that mimic the naming conventions or structure of a legitimate organization\u2019s domain to deceive users.", "updated_at": "2/19/2025" }, { "id": "CTEM-EXP-1", "link": "https://ctem.org/docs/ctem-exp-1", "title": "CTEM-EXP-1 - Directly Connected Internal System", "description": "A system directly connected to the customer\u2019s internal network (e.g., routers, on-prem servers).", "updated_at": "12/5/2024" }, { "id": "CTEM-EXP-2", "link": "https://ctem.org/docs/ctem-exp-2", "title": "CTEM-EXP-2 - Remote Site-Owned System Presumed Connected", "description": "A system owned by a subsidiary, affiliate, or remote office of the organization that is presumed to be connected to the customer\u2019s internal network.", "updated_at": "12/5/2024" }, { "id": "CTEM-EXP-3", "link": "https://ctem.org/docs/ctem-exp-3", "title": "CTEM-EXP-3 - Corporate Internet-Exposed Gateway Device", "description": "Internet gateway device publicly exposed to the internet", "updated_at": "12/5/2024" }, { "id": "CTEM-EXP-4", "link": "https://ctem.org/docs/ctem-exp-4", "title": "CTEM-EXP-4 - Corporate Cloud-Connected System", "description": "A business application exposed to the Internet", "updated_at": "12/5/2024" }, { "id": "CTEM-EXP-5", "link": "https://ctem.org/docs/ctem-exp-5", "title": "CTEM-EXP-5 - Presumed Company System by Branding", "description": "A system believed to belong to or support the company but without clear ownership or explicit connection to internal networks.", "updated_at": "12/5/2024" }, { "id": "CTEM-EXP-6", "link": "https://ctem.org/docs/ctem-exp-6", "title": "CTEM-EXP-6 - Contractor/Vendor-Managed System", "description": "A system managed by a contractor or vendor that supports the customer\u2019s operations but is not under their direct control.", "updated_at": "12/5/2024" }, { "id": "CTEM-FIN-1", "link": "https://ctem.org/docs/ctem-fin-1", "title": "CTEM-FIN-1 - Corporate Bank Account / Routing Information Exposed", "description": "No description available", "updated_at": "12/5/2024" }, { "id": "CTEM-FIN-2", "link": "https://ctem.org/docs/ctem-fin-2", "title": "CTEM-FIN-2 - Accounts Payable Information Exposure", "description": "No description available", "updated_at": "12/5/2024" }, { "id": "CTEM-INF-1", "link": "https://ctem.org/docs/ctem-inf-1", "title": "CTEM-INF-1 - Infected Corporate Owned Device", "description": "Corporate owned device infected with malware.", "updated_at": "12/5/2024" }, { "id": "CTEM-INF-2", "link": "https://ctem.org/docs/ctem-inf-2", "title": "CTEM-INF-2 - Infected Vendor Owned Device", "description": "Vendor device infected and connected to systems they manage.", "updated_at": "12/5/2024" }, { "id": "CTEM-INF-3", "link": "https://ctem.org/docs/ctem-inf-3", "title": "CTEM-INF-3 - Infected Employee Owned Device (Corporate Credentials)", "description": "a personal device found to have been connected to corporate systems (e.g. web mail)", "updated_at": "12/5/2024" }, { "id": "CTEM-INF-4", "link": "https://ctem.org/docs/ctem-inf-4", "title": "CTEM-INF-4 - Infected Employee Owned Device (Personal Use of Corporate Identity)", "description": "a personal device found to use some corporate identities (e.g. uses company email to log into external systems like netflix, facebook, etc)", "updated_at": "12/5/2024" }, { "id": "CTEM-INF-5", "link": "https://ctem.org/docs/ctem-inf-5", "title": "CTEM-INF-5 - Infected Customer Owned Device", "description": "a customer's infected device with credentials to a company owned service", "updated_at": "12/5/2024" }, { "id": "CTEM-INF-6", "link": "https://ctem.org/docs/ctem-inf-6", "title": "CTEM-INF-6 - Infected Employee Owned Device (Internal Network Connected)", "description": "a personal device found to have been connected to corporate systems (e.g. web mail)", "updated_at": "12/5/2024" }, { "id": "CTEM-INF-7", "link": "https://ctem.org/docs/ctem-inf-7", "title": "CTEM-INF-7 - Infected Employee Owned Device (3rd Party Business Use of Corporate Identity)", "description": "No description available", "updated_at": "12/5/2024" }, { "id": "CTEM-RAN-1", "link": "https://ctem.org/docs/ctem-ran-1", "title": "CTEM-RAN-1 - Ransom Dump (Supplier)", "description": "Supplier's sensitive data leaked via ransomware attack.", "updated_at": "12/5/2024" }, { "id": "CTEM-RAN-2", "link": "https://ctem.org/docs/ctem-ran-2", "title": "CTEM-RAN-2 - Ransom Dump (Customer)", "description": "Customer's data leaked due to a ransomware attack.", "updated_at": "12/5/2024" }, { "id": "CTEM-SRC-1", "link": "https://ctem.org/docs/ctem-src-1", "title": "CTEM-SRC-1 - Public Source Code Repository - Company Sanctioned", "description": "No description available", "updated_at": "12/5/2024" }, { "id": "CTEM-SRC-2", "link": "https://ctem.org/docs/ctem-src-2", "title": "CTEM-SRC-2 - Public Source Code Repository - Employee Created", "description": "No description available", "updated_at": "12/5/2024" }, { "id": "CTEM-SRC-3", "link": "https://ctem.org/docs/ctem-src-3", "title": "CTEM-SRC-3 - Public Source Code Repository - Vendor Owned", "description": "No description available", "updated_at": "12/5/2024" }, { "id": "CTEM-SRC-4", "link": "https://ctem.org/docs/ctem-src-4", "title": "CTEM-SRC-4 - Public Source Code Repository - Unrelated 3rd Party", "description": "No description available", "updated_at": "12/5/2024" }, { "id": "CTEM-SRC-5", "link": "https://ctem.org/docs/ctem-src-5", "title": "CTEM-SRC-5 - Public Source Code Repository - Unrelated Company Comment / Issue", "description": "No description available", "updated_at": "12/5/2024" } ] }