Sub-technique · initial-access · ATLAS

AML.T0010.004 Container Registry

What it is

An adversary may compromise a victim's container registry by pushing a manipulated container image and overwriting an existing container name and/or tag. Users of the container registry as well as automated CI/CD pipelines may pull the adversary's container image, compromising their AI Supply Chain. This can affect development and deployment environments. Container images may include AI models, so the compromised image could have an AI model which was manipulated by the adversary (See [Manipulate AI Model](/techniques/AML.T0018)).
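
A defender-side check for the tag overwrite described above, added here as an example and not part of the ATLAS entry: it records the content digest behind each approved tag, reports tags that now resolve to different content, and lists image references that are not pinned by digest. The registry hostname, image names and manifest bytes are constructed, and fetching manifests from a live registry is assumed to happen elsewhere.

```python
import hashlib
import re

def manifest_digest(manifest_bytes: bytes) -> str:
    """Content digest of an image manifest: sha256 over the exact manifest bytes."""
    return "sha256:" + hashlib.sha256(manifest_bytes).hexdigest()

# Matches references already pinned by digest, e.g. repo/name@sha256:<64 hex>
PINNED = re.compile(r"@sha256:[0-9a-f]{64}$")

def unpinned_refs(image_refs):
    """Image references that a tag overwrite could silently redirect."""
    return [r for r in image_refs if not PINNED.search(r)]

def tag_drift(baseline, current_manifests):
    """Compare recorded tag->digest pins with what the registry serves now.

    baseline: {"repo:tag": "sha256:..."} recorded when the image was approved
    current_manifests: {"repo:tag": manifest bytes as served by the registry}
    Returns {ref: (expected, observed)} for overwritten or missing tags.
    """
    drift = {}
    for ref, expected in baseline.items():
        body = current_manifests.get(ref)
        observed = manifest_digest(body) if body is not None else None
        if observed != expected:
            drift[ref] = (expected, observed)
    return drift

# Constructed sample data: two manifests standing in for registry responses.
APPROVED = b'{"schemaVersion":2,"layers":[{"digest":"sha256:aaaa"}]}'
REPLACED = b'{"schemaVersion":2,"layers":[{"digest":"sha256:bbbb"}]}'

BASELINE = {
    "registry.example/ml/serving:1.4": manifest_digest(APPROVED),
    "registry.example/ml/trainer:latest": manifest_digest(APPROVED),
}
# Same tag names, but the serving tag now resolves to different content.
CURRENT = {
    "registry.example/ml/serving:1.4": REPLACED,
    "registry.example/ml/trainer:latest": APPROVED,
}

if __name__ == "__main__":
    for ref, (want, got) in tag_drift(BASELINE, CURRENT).items():
        print(f"DRIFT {ref}: expected {want[:19]} observed {(got or 'missing')[:19]}")
    pinned = "registry.example/ml/serving@" + manifest_digest(APPROVED)
    print("unpinned:", unpinned_refs(list(BASELINE) + [pinned]))
```

A pipeline that pulls by `name@sha256:...` rather than by tag is unaffected by the overwrite, which is why the unpinned references are the ones worth reviewing first.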

References

  1. https://atlas.mitre.org/techniques/AML.T0010.004

Sourced from MITRE ATLAS — Adversarial Threat Landscape for AI Systems. Curated by Adam Lundqvist, SQUR.