feat: new sources

abgaben/referenzen.bib

@@ -467,6 +467,210 @@
   note         = {Abgerufen am 16.06.2026}
 }
 
+% ── CWE – Neue Einträge ──────────────────────────────────────────────────────
+
+@misc{cwe22,
+  author       = {{MITRE Corporation}},
+  title        = {{CWE-22: Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)}},
+  year         = {2024},
+  url          = {https://cwe.mitre.org/data/definitions/22.html},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{cwe79,
+  author       = {{MITRE Corporation}},
+  title        = {{CWE-79: Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)}},
+  year         = {2024},
+  url          = {https://cwe.mitre.org/data/definitions/79.html},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{cwe200,
+  author       = {{MITRE Corporation}},
+  title        = {{CWE-200: Exposure of Sensitive Information to an Unauthorized Actor}},
+  year         = {2024},
+  url          = {https://cwe.mitre.org/data/definitions/200.html},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{cwe269,
+  author       = {{MITRE Corporation}},
+  title        = {{CWE-269: Improper Privilege Management}},
+  year         = {2024},
+  url          = {https://cwe.mitre.org/data/definitions/269.html},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{cwe284,
+  author       = {{MITRE Corporation}},
+  title        = {{CWE-284: Improper Access Control}},
+  year         = {2024},
+  url          = {https://cwe.mitre.org/data/definitions/284.html},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{cwe311,
+  author       = {{MITRE Corporation}},
+  title        = {{CWE-311: Missing Encryption of Sensitive Data}},
+  year         = {2024},
+  url          = {https://cwe.mitre.org/data/definitions/311.html},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{cwe345,
+  author       = {{MITRE Corporation}},
+  title        = {{CWE-345: Insufficient Verification of Data Authenticity}},
+  year         = {2024},
+  url          = {https://cwe.mitre.org/data/definitions/345.html},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{cwe732,
+  author       = {{MITRE Corporation}},
+  title        = {{CWE-732: Incorrect Permission Assignment for Critical Resource}},
+  year         = {2024},
+  url          = {https://cwe.mitre.org/data/definitions/732.html},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{cwe1357,
+  author       = {{MITRE Corporation}},
+  title        = {{CWE-1357: Reliance on Insufficiently Trustworthy Component}},
+  year         = {2024},
+  url          = {https://cwe.mitre.org/data/definitions/1357.html},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+% ── MITRE ATT&CK – Neue Taktiken & Techniken ────────────────────────────────
+
+@misc{ta0001,
+  author       = {{MITRE Corporation}},
+  title        = {{TA0001: Initial Access}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/tactics/TA0001/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{ta0009,
+  author       = {{MITRE Corporation}},
+  title        = {{TA0009: Collection}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/tactics/TA0009/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{ta0010,
+  author       = {{MITRE Corporation}},
+  title        = {{TA0010: Exfiltration}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/tactics/TA0010/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{ta0011,
+  author       = {{MITRE Corporation}},
+  title        = {{TA0011: Command and Control}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/tactics/TA0011/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{ta0040,
+  author       = {{MITRE Corporation}},
+  title        = {{TA0040: Impact}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/tactics/TA0040/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{t1052,
+  author       = {{MITRE Corporation}},
+  title        = {{T1052: Exfiltration Over Physical Medium}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/techniques/T1052/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{t1195,
+  author       = {{MITRE Corporation}},
+  title        = {{T1195: Supply Chain Compromise}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/techniques/T1195/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{t1486,
+  author       = {{MITRE Corporation}},
+  title        = {{T1486: Data Encrypted for Impact}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/techniques/T1486/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{t1491,
+  author       = {{MITRE Corporation}},
+  title        = {{T1491: Defacement}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/techniques/T1491/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{t1499,
+  author       = {{MITRE Corporation}},
+  title        = {{T1499: Endpoint Denial of Service}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/techniques/T1499/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{t1565,
+  author       = {{MITRE Corporation}},
+  title        = {{T1565: Data Manipulation}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/techniques/T1565/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{t1567,
+  author       = {{MITRE Corporation}},
+  title        = {{T1567: Exfiltration Over Web Service}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/techniques/T1567/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{t1583,
+  author       = {{MITRE Corporation}},
+  title        = {{T1583: Acquire Infrastructure}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/techniques/T1583/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{t1591,
+  author       = {{MITRE Corporation}},
+  title        = {{T1591: Gather Victim Org Information}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/techniques/T1591/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{t1593,
+  author       = {{MITRE Corporation}},
+  title        = {{T1593: Search Open Websites/Domains}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/techniques/T1593/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{t1657,
+  author       = {{MITRE Corporation}},
+  title        = {{T1657: Financial Theft}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/techniques/T1657/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
 % ── MITRE D3FEND - Defensive Gegenmaßnahmen ─────────────────────────────────
 
 @misc{d3anci,
@@ -540,3 +744,97 @@
   url          = {https://d3fend.mitre.org/technique/d3f:StrongPasswordPolicy/},
   note         = {Abgerufen am 16.06.2026}
 }
+
+@misc{d3cspp,
+  author       = {{MITRE Corporation}},
+  title        = {{D3-CSPP: Client-Server Payload Profiling}},
+  year         = {2024},
+  url          = {https://d3fend.mitre.org/technique/d3f:Client-ServerPayloadProfiling/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{d3mencr,
+  author       = {{MITRE Corporation}},
+  title        = {{D3-MENCR: Message Encryption}},
+  year         = {2024},
+  url          = {https://d3fend.mitre.org/technique/d3f:MessageEncryption/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{d3fe,
+  author       = {{MITRE Corporation}},
+  title        = {{D3-FE: File Encryption}},
+  year         = {2024},
+  url          = {https://d3fend.mitre.org/technique/d3f:FileEncryption/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{d3nta,
+  author       = {{MITRE Corporation}},
+  title        = {{D3-NTA: Network Traffic Analysis}},
+  year         = {2024},
+  url          = {https://d3fend.mitre.org/technique/d3f:NetworkTrafficAnalysis/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{d3dencr,
+  author       = {{MITRE Corporation}},
+  title        = {{D3-DENCR: Disk Encryption}},
+  year         = {2024},
+  url          = {https://d3fend.mitre.org/technique/d3f:DiskEncryption/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+% ── CWE – Weitere Einträge (4a-Vertiefung) ──────────────────────────────────
+
+@misc{cwe312,
+  author       = {{MITRE Corporation}},
+  title        = {{CWE-312: Cleartext Storage of Sensitive Information}},
+  year         = {2024},
+  url          = {https://cwe.mitre.org/data/definitions/312.html},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{cwe668,
+  author       = {{MITRE Corporation}},
+  title        = {{CWE-668: Exposure of Resource to Wrong Sphere}},
+  year         = {2024},
+  url          = {https://cwe.mitre.org/data/definitions/668.html},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{cwe1390,
+  author       = {{MITRE Corporation}},
+  title        = {{CWE-1390: Weak Authentication}},
+  year         = {2024},
+  url          = {https://cwe.mitre.org/data/definitions/1390.html},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+% ── MITRE ATT&CK – Weitere Techniken (4a-Vertiefung) ───────────────────────
+
+@misc{t1530,
+  author       = {{MITRE Corporation}},
+  title        = {{T1530: Data from Cloud Storage}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/techniques/T1530/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+@misc{t1213,
+  author       = {{MITRE Corporation}},
+  title        = {{T1213: Data from Information Repositories}},
+  year         = {2024},
+  url          = {https://attack.mitre.org/techniques/T1213/},
+  note         = {Abgerufen am 16.06.2026}
+}
+
+% ── Sonstige ────────────────────────────────────────────────────────────────
+
+@misc{safe_harbor,
+  author       = {{Security Alliance}},
+  title        = {{Coordinated Vulnerability Disclosure Safe Harbor Framework}},
+  year         = {2024},
+  url          = {https://frameworks.securityalliance.org/safe-harbor/overview/},
+  note         = {Abgerufen am 16.06.2026}
+}