home.social

#mitre — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #mitre, aggregated by home.social.

  1. Resulting from funding gaps and idiotic shifts in priorities, the U.S.A. is now woefully underinvesting in our core CyberDefense Ecosystem...

    National Institute of Standards and Technology (NIST) is no longer enhancing all Common Vulnerabilities and Exposures (CVEs) with analysis and severity indicators, and instead NIST will prioritize enriching a much narrower set of security vulnerabilities.

    Related: In April 2025, a funding gap in DHS appropriations threatened to cease CVE operations entirely, which would have created systemic risk for global vulnerability management. An emergency funding extension was implemented to avoid a full-on crisis. justsecurity.org/136914/nist-c #NIST #MITRE #CVEs #NVD #Security #Risk #CyberSecurity #CyberDefence #CyberInfrastructure #AI #AISecurity #CISA #DHS #Vulnerability #ThreatIntelligence

  6. You have discovered a new vulnerability? Submit it here and we will assign a CVE in no time. vuldb.com/vuln/add #vuldb #cna #cve #mitre #nvd

  11. 🤔 How do you test OT defenses without impacting real operations? You simulate the adversary. 🛡️

    On the latest 🎙️ Nexus Podcast, Samir Boussarhane of MITRE discusses new CALDERA for OT simulator plug-ins—including Aloha Water Treatment, a simulated facility built for adversary emulation and security testing.

    Learn how this open-source platform automates security assessments and helps teams stay ahead of real-world threats.

    🎧 Listen here: nexusconnect.io/podcasts/nexus

    #OTSecurity #CyberSecurity #MITRE #AdversaryEmulation

  13. 📰 MITRE Warns of New Cyber Risks in AI and Cloud-Connected Medical Devices

    🩺 MITRE report warns that AI, cloud, and PQC in medical devices create new risks to patient safety. Traditional security is not enough. Calls for a 'secure-by-design' approach and shared responsibility. #Healthcare #Cybersecurity #IoMT #MITRE

    🔗 cyber.netsecops.io

  17. Extracted CAPEC to CWE Mappings (first 10 examples)...
    Total CVEs with CAPEC relationships found: 6

    #Mitre #CAPEC #CWE #CyberThreats
    2/2

  19. ----------------

    🎯 Threat Intelligence
    ===================

    Opening — Executive summary
    This platform aggregates and indexes 8,756 community detection rules from six distinct sources and provides AI-driven coverage analysis mapped to the MITRE ATT&CK framework. The offering includes search, visualization, and AI-assisted analysis features aimed at revealing detection gaps against 172 mapped threat actors.

    Technical Details — Core capabilities
    • Detection Explorer: search and filter the full corpus of 8,756 detection rules with full rule content, ATT&CK mappings, and cross-references.
    • AI Chat: natural-language query interface for coverage questions such as “What’s our coverage against APT29?” with structured outputs.
    • Coverage Analysis: tactic-level heatmaps, technique gap analysis, and procedure-level breakdowns that show where detections do or do not exist.
    • Threat Actor Mapping: coverage assessment against a database of 172 MITRE ATT&CK threat actors.
    • Threat Report Analysis: submit threat advisories and receive extracted TTPs with ATT&CK mappings and gap identification.
    • ATT&CK Navigator: generate and export Navigator layers for sharing and operational review.

    Analysis — How it works conceptually
    The product links detection rule metadata and full rule content to ATT&CK tactic and technique identifiers, then applies automated coverage heuristics and AI models to surface where detection rules align with known TTPs and where procedural coverage is missing. The AI chat uses LLMs for natural-language mapping and structured answers; frontier models (e.g., Claude Sonnet 4.6, GPT-5.4, Codex, Opus) are available under the PRO tier or via BYOK.

    Use cases
    • Red/blue teams and detection engineers validating ATT&CK coverage and prioritizing rule development.
    • CTI teams mapping new threat reports to existing detections and identifying blind spots.
    • SOC managers exporting ATT&CK Navigator layers for compliance or reporting.

    Limitations & considerations
    • Coverage depends on the quality and recency of contributed detection rules and mappings.
    • AI-driven mappings may require human validation for high-confidence operational use.
    • Frontier-model features require PRO subscription or an external API key (BYOK).

    References & product notes
    Contains explicit counts (8,756 detections; 172 threat actors) and pricing tiers: free exploration with limited AI chats, PRO at $25/month or $250/year for unlimited frontier-model chats. #bookmark #MITRE #AI #detections #threatintel

    🔗 Source: detect.michaelhaag.org/

  20. ----------------

    🛠️ Tool
    ===================

    Opening: CABTA (Cyan Agent Blue Team Assistant) is a local-first, analyst-focused SOC platform that aggregates 20+ threat intelligence feeds, performs multi-format file analysis, and provides email forensics alongside AI-assisted investigation using a local LLM via Ollama.

    Key Features:
    • Multi-source TI aggregation including VirusTotal, Shodan, AbuseIPDB, AlienVault OTX and GreyNoise, plus 15 additional OSINT feeds.
    • Multi-format malware analysis covering PE, ELF, Mach-O, APK, Office, PDF, scripts and archives with deep inspection features.
    • Email forensics capabilities: SPF/DKIM/DMARC validation, BEC detection, phishing scoring and relay chain analysis.
    • AI-assisted summarization and context-aware verdicts using a local LLM (Ollama) to avoid cloud data exfiltration.
    • Detection rule generation across platforms: auto-generated KQL, Splunk SPL, Sigma, YARA, Snort, FortiMail, Proofpoint and Mimecast rules.
    • Case management and STIX 2.1 export with TLP marking for IOC sharing.

    Technical Implementation:
    CABTA centralizes telemetry and TI lookups, correlates indicators across feeds and exposes analyst workflows through a modern web dashboard. The platform performs deep PE inspection (TLS callbacks, PDB path, Rich header checks), implements a 7-heuristic DGA detector (entropy, bigram/trigram, dictionary checks), and integrates Volatility 3 for memory forensics and process-level analysis. Cobalt Strike beacon extraction uses XOR brute-force decryption and TLV config parsing to surface C2 servers and embedded configs.

    Use Cases:
    • SOC triage and enrichment for alerts with multi-source context and automated rule generation.
    • Incident response combining static/dynamic artifact inspection with memory forensics.
    • Threat hunting that leverages composite scoring and MITRE technique mapping to prioritize IOC investigations.

    Limitations & Considerations:
    • Functionality depends on availability of local TI keys for some sources (VirusTotal, Shodan).
    • Local LLM results depend on the deployed Ollama model and its local resources; analytic quality varies by model.
    • The platform emphasizes local processing; integration with remote/cloud pipelines requires external orchestration.

    Summary: CABTA delivers an integrated, local-first SOC workflow combining TI aggregation, advanced artifact inspection, memory forensics and AI-assisted summaries, with production-grade rule export and STIX support. #tool #DFIR #malware #ThreatIntel #MITRE

    🔗 Source: github.com/ugurrates/CABTA

  21. MITRE F3: New framework unites fraud and cyber defense

    MITRE addresses the problem with a behavior-based framework that, for the first time, puts fraud and cybersecurity teams on a shared working basis and closes the structural gap between the two disciplines.

    all-about-security.de/mitre-f3

    #cybersecurity #cyberabwehr #MITRE

  23. MITRE ATT&CK v19: "Defense Evasion" becomes two separate tactics

    With the release of ATT&CK v19 on April 28, MITRE is carrying out a structural realignment of its Enterprise matrix: the previous "Defense Evasion" tactic is split into two standalone tactics, "Stealth" and "Impair Defenses".

    all-about-security.de/mitre-at

    #MITRE #attck

  24. ClearWater: an overview of a new ransomware encryptor

    Hello, today I will tell you about a new ransomware encryptor that I managed to discover on the Internet. The first mentions of ClearWater appeared back in January 2026. Searching the web, I have not yet found a single decent article on this malware, so I decided to write one myself. This encryptor does not stand out for any technical complexity or unusual techniques, so this overview is more informational in nature and is intended for malware and TI analysts.

    habr.com/ru/articles/1018822/

    #ClearWater #шифровальщик #вредонос #вредоносное_по #реверсинжиниринг #реверс #анализ_вредоносов #yara #mitre

  28. @bitpirate while this is laughable it seems like a complete failure of the CNA (VULSec Labs). I would think RustDesk would have a decent complaint to make to MITRE

    #cve #securiry #cybersecurity #MITRE