MITRE has expanded the EMB3D Threat Model with essential mitigations to help organizations address threats to embedded devices.
The post MITRE Adds Mitigations to EMB3D Threat Model appeared first on SecurityWeek.
VMware Abused in Recent MITRE Hack for Persistence, Evasion
MITRE has shared information on how China-linked hackers abused VMware for persistence and detection evasion in the recent hack.
The post VMware Abused in Recent MITRE Hack for Persistence, Evasion appeared first on SecurityWeek.
MITRE EMB3D Threat Model Officially Released
MITRE announced the public availability of the EMB3D threat model for embedded devices used in critical infrastructure.
The post MITRE EMB3D Threat Model Officially Released appeared first on SecurityWeek.
MITRE Hack: China-Linked Group Breached Systems in December 2023
MITRE has shared more details on the recent hack, including the new malware involved in the attack and a timeline of the attacker’s activities.
The post MITRE Hack: China-Linked Group Breached Systems in December 2023 appeared first on SecurityWeek.
MITRE Hacked by State-Sponsored Group via Ivanti Zero-Days
MITRE R&D network hacked in early January by a state-sponsored threat group that exploited an Ivanti zero-day vulnerability.
The post MITRE Hacked by State-Sponsored Group via Ivanti Zero-Days appeared first on SecurityWeek.
CVE and NVD – A Weak and Fractured Source of Vulnerability Truth
MITRE is unable to compile a list of all new vulnerabilities, and NIST is unable to subsequently, and consequently, provide an enriched database of all vulnerabilities. What went wrong, and what can be done?
The post CVE and NVD – A Weak and Fractured Source of Vulnerability Truth appeared first on SecurityWeek.
Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressive
A malware tactic dubbed ‘hunter-killer’ is growing, based on an analysis of more than 600,000 malware samples. This may become the standard approach for advanced attacks.
The post Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressive appeared first on SecurityWeek.
MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure
MITRE and partners unveil EMB3D, a new threat model designed for critical infrastructure embedded devices.
The post MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure appeared first on SecurityWeek.
MITRE and CISA Release Open Source Tool for OT Attack Emulation
MITRE and CISA introduce Caldera for OT, a new extension to help security teams emulate attacks targeting operational technology systems.
The post MITRE and CISA Release Open Source Tool for OT Attack Emulation appeared first on SecurityWeek.
MITRE Updates CWE Top 25 Most Dangerous Software Weaknesses
Use-after-free and OS command injection vulnerabilities reach the top five most dangerous software weaknesses in the 2023 CWE Top 25 list.
The post MITRE Updates CWE Top 25 Most Dangerous Software Weaknesses appeared first on SecurityWeek.
