Risk Management
The MITRE AADAPT framework provides documentation for identifying, investigating, and responding to weaknesses in digital asset payments.
Hi, what are you looking for?
SecurityWeek
All posts tagged "MITRE"
Malware & Threats
Windows versions of the BrickStorm backdoor that the Chinese APT used in the MITRE hack last year have been active for years.
Government
The US government's cybersecurity agency CISA has “executed the option period on the contract” to keep the vulnerability catalog operational.
Government
MITRE warns of a deterioration of national vulnerability databases and advisories, slowed vendor reaction and limited response operations.
Vulnerabilities
MITRE has released an updated CWE Top 25 Most Dangerous Software Weaknesses list, with cross-site scripting (XSS) at the top.
Artificial Intelligence
MITRE’s AI Incident Sharing initiative helps organizations receive and hand out data on real-world AI incidents.
ICS/OT
MITRE has expanded the EMB3D Threat Model with essential mitigations to help organizations address threats to embedded devices.
Incident Response
MITRE has shared information on how China-linked hackers abused VMware for persistence and detection evasion in the recent hack.
IoT Security
MITRE announced the public availability of the EMB3D threat model for embedded devices used in critical infrastructure.
Nation-State
MITRE has shared more details on the recent hack, including the new malware involved in the attack and a timeline of the attacker’s activities.
Nation-State
MITRE R&D network hacked in early January by a state-sponsored threat group that exploited an Ivanti zero-day vulnerability.
Vulnerabilities
MITRE is unable to compile a list of all new vulnerabilities, and NIST is unable to subsequently, and consequently, provide an enriched database of...
Malware & Threats
A malware tactic dubbed ‘hunter-killer’ is growing, based on an analysis of more than 600,000 malware samples. This may become the standard approach for...
ICS/OT
MITRE and partners unveil EMB3D, a new threat model designed for critical infrastructure embedded devices.
ICS/OT
MITRE and CISA introduce Caldera for OT, a new extension to help security teams emulate attacks targeting operational technology systems.
Application Security
Use-after-free and OS command injection vulnerabilities reach the top five most dangerous software weaknesses in the 2023 CWE Top 25 list.
Threat Intelligence
Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately.
Fraud & Identity Theft
Malware & Threats
Vulnerabilities
Nation-State
Management & Strategy
Noteworthy stories that might have slipped under the radar: powerful US law firm hacked by China, Symantec product flaw, $10,000 Meta AI hack, cryptocurrency...
Fraud & Identity Theft