MITRE

MITRE Hacked by State-Sponsored Group via Ivanti Zero-Days

Featured, MITRE, Nation-State /

MITRE Hacked by State-Sponsored Group via Ivanti Zero-Days 2024-04-22 at 13:16 By Eduard Kovacs MITRE R&D network hacked in early January by a state-sponsored threat group that exploited an Ivanti zero-day vulnerability. The post MITRE Hacked by State-Sponsored Group via Ivanti Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed […]

React to this headline:

Loading spinner

MITRE Hacked by State-Sponsored Group via Ivanti Zero-Days Read More »

GSMA releases Mobile Threat Intelligence Framework

framework, GSMA, MITRE, News /

GSMA releases Mobile Threat Intelligence Framework 2024-04-10 at 06:01 By Help Net Security GSM Association’s Fraud and Security Group (FASG) has published the first version of a framework for describing, in a structured way, how adversaries attack and use mobile networks, based on the tactics, techniques and procedures (TTPs) that they use. The Mobile Threat

React to this headline:

Loading spinner

GSMA releases Mobile Threat Intelligence Framework Read More »

CVE and NVD – A Weak and Fractured Source of Vulnerability Truth

CVE, Featured, MITRE, NVD, Vulnerabilities /

CVE and NVD – A Weak and Fractured Source of Vulnerability Truth 2024-04-03 at 17:17 By Kevin Townsend MITRE is unable to compile a list of all new vulnerabilities, and NIST is unable to subsequently, and consequently, provide an enriched database of all vulnerabilities. What went wrong, and what can be done? The post CVE

React to this headline:

Loading spinner

CVE and NVD – A Weak and Fractured Source of Vulnerability Truth Read More »

Public anxiety mounts over critical infrastructure resilience to cyber attacks

critical infrastructure, cybersecurity, Government, MITRE, News, report, risk, survey, The Harris Poll /

Public anxiety mounts over critical infrastructure resilience to cyber attacks 2024-03-18 at 12:01 By Help Net Security With temporary failures of critical infrastructure on the rise in the recent years, 81% of US residents are worried about how secure critical infrastructure may be, according to MITRE and The Harris Poll. Public views cyberattacks as greatest

React to this headline:

Loading spinner

Public anxiety mounts over critical infrastructure resilience to cyber attacks Read More »

OpenARIA: Open-source edition of the Aviation Risk Identification and Assessment (ARIA)

GitHub, MITRE, News, open source, software /

OpenARIA: Open-source edition of the Aviation Risk Identification and Assessment (ARIA) 2024-03-08 at 06:51 By Mirko Zorz MITRE now offers an open-source version of its Aviation Risk Identification and Assessment (ARIA) software suite, OpenARIA. This initiative is dedicated to enhancing aviation safety and efficiency through the active involvement of the aviation community. ARIA suite The

React to this headline:

Loading spinner

OpenARIA: Open-source edition of the Aviation Risk Identification and Assessment (ARIA) Read More »

Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressive

ATT&CK, Featured, Malware & Threats, MITRE, Pincus, Ransomware /

Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressive 2024-02-13 at 07:31 By Kevin Townsend A malware tactic dubbed ‘hunter-killer’ is growing, based on an analysis of more than 600,000 malware samples. This may become the standard approach for advanced attacks. The post Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressive appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressive Read More »

EMB3D Threat Model: Understand threats to embedded devices in critical infrastructure

Industry news, MITRE, Narf, Red Balloon Security /

EMB3D Threat Model: Understand threats to embedded devices in critical infrastructure 14/12/2023 at 11:45 By Industry News Critical infrastructure depends on embedded devices across industries such as oil and natural gas, electric, water management, automotive, medical, satellite, autonomous systems, and unmanned aircraft systems. However, these devices often lack proper security controls and are insufficiently tested

React to this headline:

Loading spinner

EMB3D Threat Model: Understand threats to embedded devices in critical infrastructure Read More »

MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure

framework, ICS/OT, IoT, IoT Security, MITRE, Security Architecture /

MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure 13/12/2023 at 19:02 By Eduard Kovacs MITRE and partners unveil EMB3D, a new threat model designed for critical infrastructure embedded devices. The post MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure Read More »

Modeling organizations’ defensive mechanisms with MITRE D3FEND

CISO, collaboration, Compliance, cybersecurity, Don't miss, Features, framework, Hot stuff, MITRE, News, NSA, opinion, security ROI, security standard, standards, strategy /

Modeling organizations’ defensive mechanisms with MITRE D3FEND 15/11/2023 at 09:02 By Mirko Zorz Funded by the National Security Agency, MITRE’s D3FEND framework is helping to provide standardization, specificity, and repeatability needed by cybersecurity engineers. As the framework moves from the beta version to version 1.0 in 2024, we asked D3FEND creator Peter Kaloroumakis how D3FEND

React to this headline:

Loading spinner

Modeling organizations’ defensive mechanisms with MITRE D3FEND Read More »

MITRE partners with Microsoft to address generative AI security risks

Industry news, Microsoft, MITRE /

MITRE partners with Microsoft to address generative AI security risks 06/11/2023 at 19:32 By Industry News MITRE and Microsoft have added a data-driven generative AI focus to MITRE ATLAS, a community knowledge base that security professionals, AI developers, and AI operators can use as they protect AI-enabled systems. This new framework update and associated new

React to this headline:

Loading spinner

MITRE partners with Microsoft to address generative AI security risks Read More »

MITRE ATT&CK v14 released

Don't miss, enterprise, framework, Hot stuff, MITRE, MITRE ATT&CK, News /

MITRE ATT&CK v14 released 02/11/2023 at 12:16 By Zeljka Zorz MITRE has released MITRE ATT&CK v14, the newest iteration of its popular investigation framework / knowledge base of tactics and techniques employed by cyber attackers. MITRE ATT&CK v14 ATT&CK’s goal is to catalog and categorize behaviors of cyber adversaries in real-world attacks. The framework is

React to this headline:

Loading spinner

MITRE ATT&CK v14 released Read More »

MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros

attacks, Cloud, cybersecurity, Don't miss, education, Features, framework, Government, honeypots, Hot stuff, Incident Response, MITRE, MITRE ATT&CK, network, News, opinion, professional, red team, social media, threats /

MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros 26/09/2023 at 07:32 By Mirko Zorz MITRE ATT&CK, a common language for cybersecurity professionals to communicate with each other and better understand real-world adversary behaviors, celebrates its 10th anniversary this fall. In this Help Net Security interview, project leader Adam Pennington discusses

React to this headline:

Loading spinner

MITRE ATT&CK project leader on why the framework remains vital for cybersecurity pros Read More »

MITRE Caldera for OT now available as extension to open-source platform

CISA, critical infrastructure, DHS, GitHub, HSSEDI, MITRE, News, open source, USA /

MITRE Caldera for OT now available as extension to open-source platform 06/09/2023 at 09:32 By Help Net Security MITRE Caldera for OT is now publicly available as an extension to the open-source Caldera platform, allowing security teams to run automated adversary emulation exercises that are specifically focused on threats to operational technology (OT). The first

React to this headline:

Loading spinner

MITRE Caldera for OT now available as extension to open-source platform Read More »

MITRE and CISA Release Open Source Tool for OT Attack Emulation

CISA, ICS, ICS/OT, MITRE, OT /

MITRE and CISA Release Open Source Tool for OT Attack Emulation 05/09/2023 at 18:18 By Ionut Arghire MITRE and CISA introduce Caldera for OT, a new extension to help security teams emulate attacks targeting operational technology systems. The post MITRE and CISA Release Open Source Tool for OT Attack Emulation appeared first on SecurityWeek. This

React to this headline:

Loading spinner

MITRE and CISA Release Open Source Tool for OT Attack Emulation Read More »

MITRE appoints Deborah Youmans as CIO

Industry news, MITRE /

MITRE appoints Deborah Youmans as CIO 22/08/2023 at 16:01 By Industry News MITRE has named Deborah Youmans as its new chief information officer (CIO). Youmans will oversee more than 400 IT professionals in MITRE’s Enterprise Computing and Information Systems division in areas including innovation and experimentation, information security, enterprise information technology, business and knowledge services,

React to this headline:

Loading spinner

MITRE appoints Deborah Youmans as CIO Read More »

MITRE partners with Robust Intelligence to tackle AI supply chain risks in open-source models

Industry news, MITRE, Robust Intelligence /

MITRE partners with Robust Intelligence to tackle AI supply chain risks in open-source models 10/08/2023 at 16:05 By Industry News MITRE is collaborating with Robust Intelligence to enhance a free tool to help organizations assess the supply chain risks of publicly available artificial intelligence (AI) models online today. The collaboration also includes work with Indiana

React to this headline:

Loading spinner

MITRE partners with Robust Intelligence to tackle AI supply chain risks in open-source models Read More »

The ransomware rollercoaster continues as criminals advance their business models

Black Hat USA 2023, CVE, cybercrime, cybersecurity, Endpoint Security, Fortinet, Malware, MITRE, News, Ransomware, report, survey /

The ransomware rollercoaster continues as criminals advance their business models 09/08/2023 at 06:02 By Help Net Security Ransomware shows no signs of slowing, with ransomware activity ending 13 times higher than at the start of 2023 as a proportion of all malware detections, according to Fortinet. Ransomware detections 1H 2023 FortiGuard Labs has documented substantial

React to this headline:

Loading spinner

The ransomware rollercoaster continues as criminals advance their business models Read More »

MITRE Updates CWE Top 25 Most Dangerous Software Weaknesses

Application Security, CWE, MITRE, Vulnerabilities, vulnerability /

MITRE Updates CWE Top 25 Most Dangerous Software Weaknesses 30/06/2023 at 15:16 By Ionut Arghire Use-after-free and OS command injection vulnerabilities reach the top five most dangerous software weaknesses in the 2023 CWE Top 25 list. The post MITRE Updates CWE Top 25 Most Dangerous Software Weaknesses appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

MITRE Updates CWE Top 25 Most Dangerous Software Weaknesses Read More »

Scroll to Top