#mitre — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #mitre, aggregated by home.social.
-
From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence - https://www.redpacketsecurity.com/from-edge-appliance-to-enterprise-compromise-multi-stage-linux-intrusion-via-f5and-confluence/
#threatintel
#edge-appliances
#linux-intrusion
#confluence
#credential-relay
#mitre-attack-techniques -
Resulting from funding gaps and idiotic shifts in priorities, the U.S.A. is now woefully under-investing in our core CyberDefense Ecosystem....
National Institute of Standards and Technology (NIST) is no longer enhancing all Common Vulnerabilities and Exposures (CVEs) with analysis and severity indicators; instead, NIST will prioritize enriching a much narrower set of security vulnerabilities.
Related: In April 2025, a funding gap in DHS appropriations threatened to cease CVE operations entirely, which would have created systemic risk for global vulnerability management. An emergency funding extension was implemented to avoid a full-on crisis. https://www.justsecurity.org/136914/nist-cant-keep-up/ #NIST #MITRE #CVEs #NVD #Security #Risk #CyberSecurity #CyberDefence #CyberInfrastructure #AI #AISecurity #CISA #DHS #Vulnerability #ThreatIntelligence
-
Accelerating detection engineering using AI-assisted synthetic attack logs generation - https://www.redpacketsecurity.com/accelerating-detection-engineering-using-ai-assisted-synthetic-attack-logsgeneration/
#threatintel
#AI-assisted-logs
#synthetic-logs
#detection-engineering
#MITRE-ATT&CK
#cybersecurity-logs -
🤔 How do you test OT defenses without impacting real operations? You simulate the adversary. 🛡️
On the latest 🎙️ Nexus Podcast, Samir Boussarhane of MITRE discusses new CALDERA for OT simulator plug-ins—including Aloha Water Treatment, a simulated facility built for adversary emulation and security testing.
Learn how this open-source platform automates security assessments and helps teams stay ahead of real-world threats.
🎧 Listen here: https://nexusconnect.io/podcasts/nexus-podcast-mitre-on-caldera-for-ot-adversary-emulation
-
📰 MITRE Warns of New Cyber Risks in AI and Cloud-Connected Medical Devices
🩺 MITRE report warns that AI, cloud, and PQC in medical devices create new risks to patient safety. Traditional security is not enough. Calls for a 'secure-by-design' approach and shared responsibility. #Healthcare #Cybersecurity #IoMT #MITRE
-
MITRE flags rising cyber risks as medical devices adopt AI, cloud and post-quantum technologies https://www.byteseu.com/1974816/ #AI #Algorithms #cryptography #CyberRisk #cyberattacks #CybersecurityControls #CybersecurityRisk #CybersecurityThreats #HDOs #Healthcare #Medical #MedicalDevice #MedicalDeviceManufacturers #mitre #ML #QuantumComputing #RiskManagement #SBOM #Technology #ThreatLandscape #vulnerabilities
-
Extracted CAPEC to CWE Mappings (first 10 examples)...
Total CVEs with CAPEC relationships found: 6 -
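The post above shows only the output of a CAPEC-to-CWE extraction script, not the script itself. The following is an added example, not the poster's code, of how such a join is typically done: CVE records are read from the NVD CVE JSON 2.0 layout (`cve.weaknesses[].description[].value` holding `CWE-<id>`), CWE-to-CAPEC links are read from the MITRE CWE XML export (`Weakness/Related_Attack_Patterns/Related_Attack_Pattern[@CAPEC_ID]`), and the two are joined on the CWE id. Both documents embedded below are constructed, cut-down samples with fictitious CVE ids, and the XML namespace URI is assumed; NVD placeholder values such as `NVD-CWE-noinfo` are skipped, and CVEs whose CWEs carry no attack patterns (like `CWE-20` here) are omitted from the count.

```python
"""Join NVD CVE records to CAPEC attack patterns via their CWE ids (added example)."""
import json
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed CWE XML fragment in the shape of the cwec export (namespace URI assumed).
CWE_XML = """<?xml version="1.0"?>
<Weakness_Catalog xmlns="http://cwe.mitre.org/cwe-7">
  <Weaknesses>
    <Weakness ID="79" Name="Improper Neutralization of Input During Web Page Generation">
      <Related_Attack_Patterns>
        <Related_Attack_Pattern CAPEC_ID="63"/>
        <Related_Attack_Pattern CAPEC_ID="591"/>
      </Related_Attack_Patterns>
    </Weakness>
    <Weakness ID="89" Name="SQL Injection">
      <Related_Attack_Patterns>
        <Related_Attack_Pattern CAPEC_ID="66"/>
      </Related_Attack_Patterns>
    </Weakness>
    <Weakness ID="20" Name="Improper Input Validation"/>
  </Weaknesses>
</Weakness_Catalog>
"""

# Constructed NVD 2.0-style records; the CVE ids are fictitious.
NVD_JSON = json.dumps({"vulnerabilities": [
    {"cve": {"id": "CVE-0000-0001", "weaknesses": [
        {"description": [{"lang": "en", "value": "CWE-79"}]}]}},
    {"cve": {"id": "CVE-0000-0002", "weaknesses": [
        {"description": [{"lang": "en", "value": "CWE-20"}]}]}},
    {"cve": {"id": "CVE-0000-0003", "weaknesses": [
        {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}},
    {"cve": {"id": "CVE-0000-0004", "weaknesses": [
        {"description": [{"lang": "en", "value": "CWE-89"}]},
        {"description": [{"lang": "en", "value": "CWE-79"}]}]}},
]})


def cwe_to_capec(xml_text):
    """Map 'CWE-<id>' -> {'CAPEC-<id>', ...} from a cwec XML document."""
    root = ET.fromstring(xml_text)
    # Derive the namespace prefix from the root tag so lookups survive schema bumps.
    ns = root.tag.split("}")[0] + "}" if root.tag.startswith("{") else ""
    mapping = {}
    for weak in root.iter(f"{ns}Weakness"):
        cwe = f"CWE-{weak.get('ID')}"
        mapping[cwe] = {f"CAPEC-{rap.get('CAPEC_ID')}"
                        for rap in weak.iter(f"{ns}Related_Attack_Pattern")}
    return mapping


def cve_cwes(nvd_text):
    """Map CVE id -> set of CWE ids, ignoring NVD placeholders such as NVD-CWE-noinfo."""
    out = defaultdict(set)
    for item in json.loads(nvd_text)["vulnerabilities"]:
        cve = item["cve"]
        for weak in cve.get("weaknesses", []):
            for desc in weak.get("description", []):
                if desc["value"].startswith("CWE-"):
                    out[cve["id"]].add(desc["value"])
    return dict(out)


def cve_to_capec(nvd_text, xml_text):
    """CVE id -> CAPEC ids reachable through its CWEs; CVEs with none are omitted."""
    mapping = cwe_to_capec(xml_text)
    result = {}
    for cve, cwes in cve_cwes(nvd_text).items():
        capecs = set().union(*(mapping.get(c, set()) for c in cwes))
        if capecs:
            result[cve] = capecs
    return result


if __name__ == "__main__":
    joined = cve_to_capec(NVD_JSON, CWE_XML)
    for cve, capecs in sorted(joined.items()):
        print(cve, sorted(capecs))
    print("Total CVEs with CAPEC relationships found:", len(joined))
```

Against real feeds, replace the two constants with the downloaded NVD JSON and the cwec XML; the only structural dependency is on the element and attribute names shown, which is why the namespace is derived from the root tag rather than hard-coded.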
----------------
🎯 Threat Intelligence
===================
Opening — Executive summary
This platform aggregates and indexes 8,756 community detection rules from six distinct sources and provides AI-driven coverage analysis mapped to the MITRE ATT&CK framework. The offering includes search, visualization, and AI-assisted analysis features aimed at revealing detection gaps against 172 mapped threat actors.
Technical Details — Core capabilities
• Detection Explorer: search and filter the full corpus of 8,756 detection rules with full rule content, ATT&CK mappings, and cross-references.
• AI Chat: natural-language query interface for coverage questions such as “What’s our coverage against APT29?” with structured outputs.
• Coverage Analysis: tactic-level heatmaps, technique gap analysis, and procedure-level breakdowns that show where detections do or do not exist.
• Threat Actor Mapping: coverage assessment against a database of 172 MITRE ATT&CK threat actors.
• Threat Report Analysis: submit threat advisories and receive extracted TTPs with ATT&CK mappings and gap identification.
• ATT&CK Navigator: generate and export Navigator layers for sharing and operational review.
Analysis — How it works conceptually
The product links detection rule metadata and full rule content to ATT&CK tactic and technique identifiers, then applies automated coverage heuristics and AI models to surface where detection rules align with known TTPs and where procedural coverage is missing. The AI chat uses LLMs for natural-language mapping and structured answers; frontier models (e.g., Claude Sonnet 4.6, GPT-5.4, Codex, Opus) are available under the PRO tier or via BYOK.
Use cases
• Red/blue teams and detection engineers validating ATT&CK coverage and prioritizing rule development.
• CTI teams mapping new threat reports to existing detections and identifying blind spots.
• SOC managers exporting ATT&CK Navigator layers for compliance or reporting.
Limitations & considerations
• Coverage depends on the quality and recency of contributed detection rules and mappings.
• AI-driven mappings may require human validation for high-confidence operational use.
• Frontier-model features require PRO subscription or an external API key (BYOK).
References & product notes
Contains explicit counts (8,756 detections; 172 threat actors) and pricing tiers: free exploration with limited AI chats, PRO at $25/month or $250/year for unlimited frontier-model chats. #bookmark #MITRE #AI #detections #threatintel
🔗 Source: https://detect.michaelhaag.org/
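The core of the "link rules to technique identifiers, then compute coverage and export a Navigator layer" workflow described above can be shown in a few dozen lines. The following is an added example, not the platform's code: it reads Sigma-style `attack.tXXXX[.YYY]` tags from a constructed set of rules, counts rules per technique, lists the techniques of a constructed threat-actor profile that have no rule at all, and emits a JSON document in the public ATT&CK Navigator layer format (`techniqueID` / `score` / `comment` entries plus a `gradient`). The rules, the actor's technique list and the ATT&CK version string are all assumed sample data.

```python
"""Detection coverage vs. a threat actor, exported as an ATT&CK Navigator layer (added example)."""
import json
from collections import Counter

# Constructed Sigma-style rules: tags follow the attack.<tactic> / attack.t<id> convention.
RULES = [
    {"title": "PowerShell encoded command", "tags": ["attack.execution", "attack.t1059.001"]},
    {"title": "Scheduled task created", "tags": ["attack.persistence", "attack.t1053.005"]},
    {"title": "LSASS memory access", "tags": ["attack.credential_access", "attack.t1003.001"]},
    {"title": "Suspicious PowerShell download", "tags": ["attack.t1059.001", "attack.t1105"]},
]

# Constructed actor profile; a real one would be built from ATT&CK intrusion-set objects.
ACTOR = {"name": "ExampleGroup",
         "techniques": ["T1059.001", "T1003.001", "T1566.001", "T1021.002"]}


def technique_counts(rules):
    """Count rules per technique id, normalising 'attack.t1059.001' -> 'T1059.001'."""
    counts = Counter()
    for rule in rules:
        for tag in rule["tags"]:
            body = tag.split("attack.", 1)[1] if tag.startswith("attack.") else tag
            # Technique tags start with 't' followed by a digit; tactic tags do not.
            if body[:1] == "t" and body[1:2].isdigit():
                counts[body.upper()] += 1
    return counts


def coverage_gaps(rules, actor):
    """Actor techniques with zero rules. Parent coverage is not inherited: a rule
    tagged T1059 does not count as coverage for T1059.001."""
    covered = technique_counts(rules)
    return sorted(t for t in actor["techniques"] if covered[t] == 0)


def navigator_layer(rules, actor, attack_version="16"):
    """Navigator layer with the rule count as score and actor techniques annotated."""
    counts = technique_counts(rules)
    actor_set = set(actor["techniques"])
    techniques = []
    for tid in sorted(counts.keys() | actor_set):
        entry = {"techniqueID": tid, "score": counts[tid], "comment": f"{counts[tid]} rule(s)"}
        if tid in actor_set:
            entry["comment"] += f"; used by {actor['name']}"
            if counts[tid] == 0:
                entry["comment"] += " (GAP)"
        techniques.append(entry)
    return {
        "name": f"Coverage vs {actor['name']}",
        "versions": {"attack": attack_version, "navigator": "4.9.1", "layer": "4.5"},
        "domain": "enterprise-attack",
        "techniques": techniques,
        # Red for zero rules, yellow for one, green for two or more.
        "gradient": {"colors": ["#ff6666", "#ffe766", "#8ec843"], "minValue": 0, "maxValue": 2},
    }


if __name__ == "__main__":
    print("Gaps:", coverage_gaps(RULES, ACTOR))
    print(json.dumps(navigator_layer(RULES, ACTOR), indent=2))
```

Writing the returned dictionary to a `.json` file produces something the Navigator's "Open Existing Layer" dialog accepts; the `score` field drives the heatmap colouring, so a zero-score entry for an actor technique is the visual gap the platform describes.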
-
----------------
🛠️ Tool
===================
Opening: CABTA (Cyan Agent Blue Team Assistant) is a local-first, analyst-focused SOC platform that aggregates 20+ threat intelligence feeds, performs multi-format file analysis, and provides email forensics alongside AI-assisted investigation using a local LLM via Ollama.
Key Features:
• Multi-source TI aggregation including VirusTotal, Shodan, AbuseIPDB, AlienVault OTX and GreyNoise, plus 15 additional OSINT feeds.
• Multi-format malware analysis covering PE, ELF, Mach-O, APK, Office, PDF, scripts and archives with deep inspection features.
• Email forensics capabilities: SPF/DKIM/DMARC validation, BEC detection, phishing scoring and relay chain analysis.
• AI-assisted summarization and context-aware verdicts using a local LLM (Ollama), so case data never leaves the analyst's host for a cloud service.
• Detection rule generation across platforms: auto-generated KQL, Splunk SPL, Sigma, YARA, Snort, FortiMail, Proofpoint and Mimecast rules.
• Case management and STIX 2.1 export with TLP marking for IOC sharing.
Technical Implementation:
CABTA centralizes telemetry and TI lookups, correlates indicators across feeds and exposes analyst workflows through a modern web dashboard. The platform performs deep PE inspection (TLS callbacks, PDB path, Rich header checks), implements a 7-heuristic DGA detector (entropy, bigram/trigram, dictionary checks), and integrates Volatility 3 for memory forensics and process-level analysis. Cobalt Strike beacon extraction uses XOR brute-force decryption and TLV config parsing to surface C2 servers and embedded configs.
Use Cases:
• SOC triage and enrichment for alerts with multi-source context and automated rule generation.
• Incident response combining static/dynamic artifact inspection with memory forensics.
• Threat hunting that leverages composite scoring and MITRE technique mapping to prioritize IOC investigations.
Limitations & Considerations:
• Functionality depends on availability of local TI keys for some sources (VirusTotal, Shodan).
• Local LLM results depend on the deployed Ollama model and its local resources; analytic quality varies by model.
• The platform emphasizes local processing; integration with remote/cloud pipelines requires external orchestration.
Summary: CABTA delivers an integrated, local-first SOC workflow combining TI aggregation, advanced artifact inspection, memory forensics and AI-assisted summaries, with production-grade rule export and STIX support. #tool #DFIR #malware #ThreatIntel #MITRE
🔗 Source: https://github.com/ugurrates/CABTA
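The summary above mentions a 7-heuristic DGA detector built on entropy, bigram/trigram and dictionary checks without showing how such heuristics combine. The block below is an added example, not CABTA's code: the heuristics, weights and threshold are my own illustrative choices, and the benign name corpus, dictionary and two-part suffix list are tiny constructed stand-ins for the large tables a real detector would load. With a corpus this small the bigram heuristic is noisy (most bigrams of an ordinary word look "unseen"), which is exactly why the score is a weighted blend rather than a single test.

```python
"""Heuristic DGA scoring of the registrable domain label (added example)."""
import math
import re
from collections import Counter

# Constructed mini-corpus of benign names, used to derive "familiar" bigrams.
BENIGN_CORPUS = ["google", "microsoft", "amazon", "wikipedia", "github", "cloudflare",
                 "facebook", "netflix", "apple", "twitter", "mozilla", "ubuntu",
                 "akamai", "salesforce", "oracle", "adobe", "dropbox", "reddit"]
# Constructed dictionary of common label fragments (a real one has thousands of entries).
DICTIONARY = {"mail", "secure", "login", "cloud", "update", "news", "shop", "bank",
              "portal", "service", "account", "micro", "soft", "net", "web", "data"}
# Constructed subset of two-part public suffixes; production code should use the PSL.
TWO_PART_SUFFIXES = {"co.uk", "com.au", "co.jp", "com.br"}
VOWELS = set("aeiou")


def _bigrams(s):
    return [s[i:i + 2] for i in range(len(s) - 1)]


BENIGN_BIGRAMS = Counter(b for w in BENIGN_CORPUS for b in _bigrams(w))


def registrable_label(domain):
    """'mail.google.com' -> 'google'; 'a.b.co.uk' -> 'b' (for the suffixes listed)."""
    labels = domain.lower().strip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_PART_SUFFIXES:
        return labels[-3]
    return labels[-2] if len(labels) >= 2 else labels[0]


def shannon_entropy(s):
    """Bits per character; random-looking labels approach log2(alphabet size)."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values()) if n else 0.0


def dictionary_coverage(label):
    """Fraction of characters explained by greedy longest-match dictionary words."""
    i, covered = 0, 0
    while i < len(label):
        match = max((w for w in DICTIONARY if label.startswith(w, i)), key=len, default=None)
        if match:
            covered += len(match)
            i += len(match)
        else:
            i += 1
    return covered / len(label) if label else 0.0


def dga_features(domain):
    label = registrable_label(domain)
    n = max(len(label), 1)
    bg = _bigrams(label)
    runs = re.findall(r"[b-df-hj-np-tv-z]+", label)  # consonant runs; digits break them
    return {
        "label": label,
        "entropy": shannon_entropy(label),
        "unseen_bigram_ratio": sum(BENIGN_BIGRAMS[b] == 0 for b in bg) / len(bg) if bg else 0.0,
        "dictionary_coverage": dictionary_coverage(label),
        "vowel_ratio": sum(c in VOWELS for c in label) / n,
        "digit_ratio": sum(c.isdigit() for c in label) / n,
        "length": len(label),
        "max_consonant_run": max((len(r) for r in runs), default=0),
    }


def dga_score(domain):
    """Weighted sum of seven heuristics, each scaled to [0, 1]; weights are illustrative."""
    f = dga_features(domain)
    s = 0.25 * min(f["entropy"] / 4.0, 1.0)        # high character entropy
    s += 0.20 * f["unseen_bigram_ratio"]             # bigrams never seen in benign names
    s += 0.15 * (1.0 - f["dictionary_coverage"])     # not built from dictionary words
    s += 0.15 * (f["vowel_ratio"] < 0.25)            # consonant-heavy
    s += 0.10 * min(f["digit_ratio"] * 4.0, 1.0)     # digits mixed into the label
    s += 0.05 * (f["length"] >= 12)                  # long label
    s += 0.10 * (f["max_consonant_run"] >= 4)        # unpronounceable consonant run
    return round(s, 3)


def is_dga(domain, threshold=0.55):
    return dga_score(domain) >= threshold


if __name__ == "__main__":
    for d in ["mail.google.com", "secureupdate.com", "q7k2zxp9mlw4.net"]:
        print(f"{d:22} score={dga_score(d):.3f} dga={is_dga(d)}")
```

Two practical points the toy hides: dictionary-based DGAs (families that glue real words together) defeat the entropy and dictionary checks by design, so the bigram and length heuristics carry the load there, and the threshold should be tuned against the organisation's own passive-DNS baseline rather than fixed at a round number.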
-
Cyrela (CYRE3), Mitre (MTRE3) and Even (EVEN3): operating previews divide the market, but quality improves
🇧🇷 Read more: https://guiadoinvestidor.com.br/mercado/cyrela-cyre3-mitre-mtre3-e-even-even3-previas-dividem-mercado-mas-qualidade-melhora/
-
Mitre (MTRE3) launches surge 195%, but sales worry the market
🇧🇷 Read more: https://guiadoinvestidor.com.br/mercado/mitre-mtre3-dispara-lancamentos-em-195-mas-vendas-preocupam-mercado/
-
MITRE F3: New framework unites fraud and cyber defense
MITRE addresses the problem with a behavior-based framework that, for the first time, puts fraud and cybersecurity teams on a common working basis and closes the structural gap between the two disciplines.
https://www.all-about-security.de/mitre-f3-neues-framework-vereint-betrugs-und-cyberabwehr/
-
MITRE ATT&CK v19: "Defense Evasion" becomes two separate tactics
With the release of ATT&CK v19 on April 28, MITRE is structurally realigning its Enterprise matrix: the previous "Defense Evasion" tactic is split into two standalone tactics, "Stealth" and "Impair Defenses".
https://www.all-about-security.de/mitre-attck-v19-defense-evasion-wird-zu-zwei-getrennten-taktiken/
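A tactic split like this silently invalidates every Navigator layer, detection tag and report that still says "defense-evasion" for a moved technique. The following is an added example, not MITRE tooling, of how to find the affected techniques mechanically: it compares the `kill_chain_phases` of `attack-pattern` objects between two ATT&CK STIX bundles and then flags Sigma-style tactic tags that no longer match. The two bundles are constructed miniatures of the enterprise-attack STIX layout, and the v19 `phase_name` slugs `stealth` and `impair-defenses`, as well as which techniques move where, are assumptions for illustration; run it on the real pre- and post-v19 bundles to get the actual list.

```python
"""Diff technique-to-tactic assignments between two ATT&CK STIX bundles (added example)."""
import json


def _ap(tid, name, phases, revoked=False):
    """Build a minimal attack-pattern object in the enterprise-attack STIX shape."""
    return {"type": "attack-pattern", "name": name, "revoked": revoked,
            "external_references": [{"source_name": "mitre-attack", "external_id": tid}],
            "kill_chain_phases": [{"kill_chain_name": "mitre-attack", "phase_name": p}
                                  for p in phases]}


def _bundle(objs):
    return json.dumps({"type": "bundle", "id": "bundle--example", "objects": objs})


# Constructed "before" and "after" bundles; the moves shown are assumed, not v19 fact.
OLD_BUNDLE = _bundle([
    _ap("T1070", "Indicator Removal", ["defense-evasion"]),
    _ap("T1562", "Impair Defenses", ["defense-evasion"]),
    _ap("T1059", "Command and Scripting Interpreter", ["execution"]),
    _ap("T1055", "Process Injection", ["defense-evasion", "privilege-escalation"]),
])
NEW_BUNDLE = _bundle([
    _ap("T1070", "Indicator Removal", ["stealth"]),
    _ap("T1562", "Impair Defenses", ["impair-defenses"]),
    _ap("T1059", "Command and Scripting Interpreter", ["execution"]),
    _ap("T1055", "Process Injection", ["stealth", "privilege-escalation"]),
])


def technique_tactics(bundle_text):
    """'T1070' -> frozenset of mitre-attack phase names, skipping revoked/deprecated objects."""
    out = {}
    for obj in json.loads(bundle_text)["objects"]:
        if obj.get("type") != "attack-pattern" or obj.get("revoked") or obj.get("x_mitre_deprecated"):
            continue
        tid = next((r["external_id"] for r in obj.get("external_references", [])
                    if r.get("source_name") == "mitre-attack"), None)
        if tid is None:
            continue
        out[tid] = frozenset(p["phase_name"] for p in obj.get("kill_chain_phases", [])
                             if p.get("kill_chain_name") == "mitre-attack")
    return out


def tactic_changes(old_text, new_text):
    """Techniques present in both releases whose tactic set differs."""
    old, new = technique_tactics(old_text), technique_tactics(new_text)
    changes = {}
    for tid in sorted(old.keys() & new.keys()):
        if old[tid] != new[tid]:
            changes[tid] = {"removed": sorted(old[tid] - new[tid]),
                            "added": sorted(new[tid] - old[tid])}
    return changes


def stale_tactic_tags(tags, changes):
    """For Sigma-style tags ('attack.defense_evasion', 'attack.t1070'), return
    (stale_tactic_tag, [suggested replacement tags]) for techniques that moved."""
    techniques = [t.split(".", 1)[1].upper() for t in tags
                  if t.startswith("attack.t") and t[8:9].isdigit()]
    stale = []
    for tag in tags:
        if not tag.startswith("attack.") or (tag[7:8] == "t" and tag[8:9].isdigit()):
            continue
        tactic = tag[7:].replace("_", "-")
        for tid in techniques:
            ch = changes.get(tid)
            if ch and tactic in ch["removed"]:
                stale.append((tag, [f"attack.{a.replace('-', '_')}" for a in ch["added"]]))
    return stale


if __name__ == "__main__":
    ch = tactic_changes(OLD_BUNDLE, NEW_BUNDLE)
    print(json.dumps(ch, indent=2))
    print(stale_tactic_tags(["attack.defense_evasion", "attack.t1070"], ch))
```

Because the diff keys on the `mitre-attack` external id rather than the STIX object id, it also survives the case where a release re-issues an object; revoked and deprecated objects are skipped so that a technique retired in the new release does not show up as a spurious "all tactics removed" entry.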
-
ClearWater: an overview of a new ransomware
Greetings, today I will tell you about a new ransomware that I managed to find on the Internet. The first mentions of ClearWater appeared back in January 2026. Searching the web, I have not yet found a single decent article about this malware, so I decided to write one myself. This ransomware is not distinguished by any technical complexity or unusual techniques, so its overview is more informational in nature and intended for malware and TI analysts.
https://habr.com/ru/articles/1018822/
#ClearWater #ransomware #malware #malicious_software #reverse_engineering #reversing #malware_analysis #yara #mitre
-
@bitpirate while this is laughable it seems like a complete failure of the CNA (VULSec Labs). I would think RustDesk would have a decent complaint to make to MITRE
-