The MITRE ATT&CK Framework: Lateral Movement

It will be rare that an attacker exploits a single system and does not attempt any lateral movement within the network. Even ransomware that typically targets a single system at a time has attempted to spread across the network looking for other victim…

MITRE Adds Appthority as CVE Numbering Authority (CNA)

On Sep 7, 2018, MITRE announced that Appthority has joined 89 other organizations as a CVE Numbering Authority (CNA). Appthority is the first CNA that is focused on enterprise mobile threat research, and we’re proud of this designation. We look f…

House panel rips CVE contracting and oversight policies

The industry-wide program for documenting hardware and software vulnerabilities suffers from fluctuating funding and insufficient oversight, according to a more than year-long investigation by the House Energy and Commerce Committee. “The historical practices for managing the…program are clearly insufficient,” members of the committee wrote in letters Monday to the Department of Homeland Security, which sponsors the program, and the not-for-profit MITRE Corp., which maintains it. “Barring significant improvements, they will likely lead again to challenges that have direct, negative impacts on stakeholders across society.” The program in question, the Common Vulnerabilities and Exposures (CVE) database, has for nearly two decades been a common lexicon for researchers and companies that document security flaws. But the program has experienced a significant backlog as some researchers have struggled to get a response to their submissions. MITRE has undertaken reforms of the program, but House lawmakers say the “root causes” of the program’s woes – its lack […]

The post House panel rips CVE contracting and oversight policies appeared first on Cyberscoop.


The MITRE ATT&CK Framework: Defense Evasion

This tactic has the most techniques of any of the other tactics discussed in the MITRE ATT&CK Framework so far. What I find interesting about these techniques is that they expose the tradecraft of the various threat actors behind malware attacks. A…

A Look Inside the April Update to the MITRE ATT&CK Framework

The MITRE ATT&CK Framework is an excellent resource when it comes to defining threat intelligence. The hundreds of techniques mapped across various tactics help define an adversary’s behaviors in enterprise networks. What’s better is th…

APT, MITRE, DoD, and Panera – Hack Naked News #167

This week, Drupal vulnerabilities, APT detection, DoD bug bounties, new DNS services and breaches galore from Under Armour, Saks, Lord and Taylor, and Panera! Jason Wood from Paladin Security joins us for expert commentary so stay tuned to this episode…

MITRE, John Strand – Paul’s Security Weekly #546

John Strand, Managing Intern of Black Hills Information Security, delivers the Technical Segment on MITRE!
The post MITRE, John Strand – Paul’s Security Weekly #546 appeared first on Security Wee…

Supercharging Cybercrime Detection with MITRE’s ATT&CK Framework

The majority of attacks that result in successful data breaches are simply not that complex. Many rely on well-known, tried-and-true methods. Indeed, the Verizon DBIR has for many years reported that upwards of 90% of attacks were successfully executed because of unpatched and known vulnerabilities or misconfigured systems. If we can only learn a few […]

The post Supercharging Cybercrime Detection with MITRE’s ATT&CK Framework appeared first on The State of Security.

The post Supercharging Cybercrime Detection with MITRE’s ATT&CK Framework appeared first on Security Boulevard.
