MITRE

CISA looks to partners to shore up the future of the CVE Program

CISA, CVE, Don't miss, Government, Hot stuff, MITRE, News, USA, vulnerability assessment /

CISA looks to partners to shore up the future of the CVE Program 2025-09-12 at 15:32 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has affirmed its continuing support for the Common Vulnerabilities and Exposures (CVE) program. “If we want to outpace and outmaneuver our adversaries, we must first ensure that defenders […]

React to this headline:

Loading spinner

CISA looks to partners to shore up the future of the CVE Program Read More »

MITRE Updates List of Most Common Hardware Weaknesses

CWE, hardware, MITRE, Vulnerabilities /

MITRE Updates List of Most Common Hardware Weaknesses 2025-08-22 at 10:52 By Ionut Arghire MITRE has updated the list of Most Important Hardware Weaknesses to align it with evolving hardware security challenges. The post MITRE Updates List of Most Common Hardware Weaknesses appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

MITRE Updates List of Most Common Hardware Weaknesses Read More »

MITRE Unveils AADAPT Framework to Tackle Cryptocurrency Threats 

AADAPT, Cryptocurrency, framework, MITRE, Risk Management /

MITRE Unveils AADAPT Framework to Tackle Cryptocurrency Threats  2025-07-15 at 10:19 By Ionut Arghire The MITRE AADAPT framework provides documentation for identifying, investigating, and responding to weaknesses in digital asset payments. The post MITRE Unveils AADAPT Framework to Tackle Cryptocurrency Threats  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

MITRE Unveils AADAPT Framework to Tackle Cryptocurrency Threats  Read More »

New MITRE framework takes aim at crypto threats

Industry news, MITRE /

New MITRE framework takes aim at crypto threats 2025-07-14 at 21:51 By Industry News MITRE has introduced AADAPT (Adversarial Actions in Digital Asset Payment Technologies), a new cybersecurity framework designed to tackle vulnerabilities in digital financial ecosystems, including cryptocurrency platforms. Modeled after the MITRE ATT&CK framework, AADAPT offers developers, policymakers, and financial institutions a structured

React to this headline:

Loading spinner

New MITRE framework takes aim at crypto threats Read More »

Kanvas: Open-source incident response case management tool

cybersecurity, Don't miss, GitHub, Hot stuff, Incident Response, MITRE, News, open source, software, WithSecure /

Kanvas: Open-source incident response case management tool 2025-07-09 at 07:31 By Mirko Zorz Kanvas is an open-source incident response case management tool with a simple desktop interface, built in Python. It gives investigators a place to work with SOD (Spreadsheet of Doom) or similar files, so they can handle key tasks without jumping between different

React to this headline:

Loading spinner

Kanvas: Open-source incident response case management tool Read More »

Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques

CardinalOps, cybersecurity, framework, MITRE, MITRE ATT&CK, News, report, SIEM, SOC, survey, threat detection /

Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques 2025-06-09 at 07:32 By Help Net Security Using the MITRE ATT&CK framework as a baseline, organizations are generally improving year-over-year in understanding security information and event management (SIEM) detection coverage and quality, but plenty of room for improvement remains, according to CardinalOps. MITRE ATT&CK enhances SOC

React to this headline:

Loading spinner

Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques Read More »

Inside MITRE ATT&CK v17: Smarter defenses, sharper threat intel

cybersecurity, Don't miss, framework, Hot stuff, MITRE, MITRE ATT&CK, News, Video /

Inside MITRE ATT&CK v17: Smarter defenses, sharper threat intel 2025-05-19 at 07:04 By Help Net Security In this Help Net Security video, Adam Pennington, MITRE ATT&CK Lead, breaks down what’s new in the ATT&CK v17 release. He highlights the addition of the ESXi platform, new and updated techniques for Linux, refinements to mitigation guidance, and

React to this headline:

Loading spinner

Inside MITRE ATT&CK v17: Smarter defenses, sharper threat intel Read More »

European Vulnerability Database goes live, but who benefits?

Contrast Security, ENISA, EU, Europe, Legit Security, MITRE, NetRise, News /

European Vulnerability Database goes live, but who benefits? 2025-05-14 at 07:20 By Mirko Zorz The European Union Agency for Cybersecurity (ENISA) has unveiled the European Vulnerability Database (EUVD), an initiative under the NIS2 Directive aimed at enhancing digital security across the EU. The database serves as a centralized repository offering aggregated and actionable information on

React to this headline:

Loading spinner

European Vulnerability Database goes live, but who benefits? Read More »

Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs

attack lifecycle, attack tools, Don't miss, ESXi, Hot stuff, Incident Response, MITRE, MITRE ATT&CK, News, threat modeling /

Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs 2025-04-23 at 16:13 By Zeljka Zorz MITRE has released the latest version of its ATT&CK framework, which now also includes a new section (“matrix”) to cover the tactics, techniques and procedures (TTPs) used to target VMware ESXi hypervisors. About MITRE ATT&CK MITRE ATT&CK is a regularly

React to this headline:

Loading spinner

Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs Read More »

MITRE Hackers’ Backdoor Has Targeted Windows for Years

backdoor, BrickStorm, China, Malware & Threats, MITRE /

MITRE Hackers’ Backdoor Has Targeted Windows for Years 2025-04-17 at 12:02 By Ionut Arghire Windows versions of the BrickStorm backdoor that the Chinese APT used in the MITRE hack last year have been active for years. The post MITRE Hackers’ Backdoor Has Targeted Windows for Years appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

MITRE Hackers’ Backdoor Has Targeted Windows for Years Read More »

MITRE CVE Program Gets Last-Hour Funding Reprieve

CISA, CVE, CVE Program, Featured, Government, MITRE, Vulnerabilities /

MITRE CVE Program Gets Last-Hour Funding Reprieve 2025-04-16 at 19:36 By Ryan Naraine The US government’s cybersecurity agency CISA has “executed the option period on the contract” to keep the vulnerability catalog operational. The post MITRE CVE Program Gets Last-Hour Funding Reprieve appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

MITRE CVE Program Gets Last-Hour Funding Reprieve Read More »

Funding uncertainty may spell the end of MITRE’s CVE program

CardinalOps, CVE, Don't miss, Edera, Hot stuff, MITRE, News, VulnCheck, vulnerability disclosure, vulnerability management /

Funding uncertainty may spell the end of MITRE’s CVE program 2025-04-16 at 14:56 By Zeljka Zorz The future of the Common Vulnerabilities and Exposures (CVE) program hangs in the balance: MITRE, the not-for-profit US organization that runs it, could lose the US federal funding that helps them maintain it. But others have been waiting in

React to this headline:

Loading spinner

Funding uncertainty may spell the end of MITRE’s CVE program Read More »

Attack Flow: Learn how cyber adversaries combine and sequence offensive techniques

cybersecurity, Don't miss, GitHub, MITRE, News, open source, software /

Attack Flow: Learn how cyber adversaries combine and sequence offensive techniques 2025-04-16 at 08:01 By Help Net Security MITRE’s Attack Flow project aims to translate complex cyber operations into a structured language. By describing how adversaries sequence and combine offensive techniques to reach their objectives, Attack Flow offers defenders, analysts, and decision-makers a tool to

React to this headline:

Loading spinner

Attack Flow: Learn how cyber adversaries combine and sequence offensive techniques Read More »

MITRE Warns CVE Program Faces Disruption Amid US Funding Uncertainty

CVE, Featured, Government, MITRE, NIST, NVD, Vulnerabilities /

MITRE Warns CVE Program Faces Disruption Amid US Funding Uncertainty 2025-04-15 at 23:46 By Ryan Naraine MITRE warns of a deterioration of national vulnerability databases and advisories, slowed vendor reaction and limited response operations. The post MITRE Warns CVE Program Faces Disruption Amid US Funding Uncertainty appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

MITRE Warns CVE Program Faces Disruption Amid US Funding Uncertainty Read More »

Moving beyond checkbox security for true resilience

CISO, Compliance, cybersecurity, Don't miss, Features, Hot stuff, MITRE, News, opinion, strategy, threats /

Moving beyond checkbox security for true resilience 2025-03-19 at 08:13 By Mirko Zorz In this Help Net Security interview, William Booth, director, ATT&CK Evaluations at MITRE, discusses how CISOs can integrate regulatory compliance with proactive risk management, prioritize spending based on threat-informed assessments, and address overlooked vulnerabilities like shadow IT and software supply chain risks.

React to this headline:

Loading spinner

Moving beyond checkbox security for true resilience Read More »

MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364)

CVE, Don't miss, Hot stuff, MITRE, News, open source, PoC, red team, training /

MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) 2025-02-28 at 17:03 By Zeljka Zorz Users of the MITRE Caldera cyber security platform have been urged to plug a critical hole (CVE-2025–27364) that may allow unauthenticated attackers to achieve remote code execution. About MITRE Caldera MITRE Caldera is a platform built on the

React to this headline:

Loading spinner

MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) Read More »

Inside the 2024 CWE Top 25: Trends, surprises, and persistent challenges

Artificial Intelligence, CNA, CVE, cybersecurity, Don't miss, Features, Hot stuff, MITRE, News, opinion, vulnerability management /

Inside the 2024 CWE Top 25: Trends, surprises, and persistent challenges 2024-12-02 at 07:12 By Mirko Zorz In this Help Net Security interview, Alec Summers, Project Leader for the CVE Program at MITRE, shares his insights on the 2024 CWE top 25 most dangerous software weaknesses. He discusses the impact of the new methodology that

React to this headline:

Loading spinner

Inside the 2024 CWE Top 25: Trends, surprises, and persistent challenges Read More »

MITRE Adds Mitigations to EMB3D Threat Model

ICS, ICS/OT, MITRE /

MITRE Adds Mitigations to EMB3D Threat Model 2024-10-02 at 17:01 By Ionut Arghire MITRE has expanded the EMB3D Threat Model with essential mitigations to help organizations address threats to embedded devices. The post MITRE Adds Mitigations to EMB3D Threat Model appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

MITRE Adds Mitigations to EMB3D Threat Model Read More »

VMware Abused in Recent MITRE Hack for Persistence, Evasion

China APT, Incident Response, MITRE, VMWare /

VMware Abused in Recent MITRE Hack for Persistence, Evasion 2024-05-23 at 17:16 By Eduard Kovacs MITRE has shared information on how China-linked hackers abused VMware for persistence and detection evasion in the recent hack. The post VMware Abused in Recent MITRE Hack for Persistence, Evasion appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

VMware Abused in Recent MITRE Hack for Persistence, Evasion Read More »

MITRE EMB3D Threat Model Officially Released

free tool, IoT Security, MITRE /

MITRE EMB3D Threat Model Officially Released 2024-05-14 at 14:02 By Eduard Kovacs MITRE announced the public availability of the EMB3D threat model for embedded devices used in critical infrastructure. The post MITRE EMB3D Threat Model Officially Released appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

MITRE EMB3D Threat Model Officially Released Read More »

Scroll to Top