Security news aggregator

Latest coverage for MITRE

MITRE develops cybersecurity knowledge bases such as ATT&CK, which practitioners use to map adversary tactics, techniques, and defensive coverage.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

MITRE is a U.S. not-for-profit organization whose cybersecurity work includes the ATT&CK knowledge base and the Common Vulnerabilities and Exposures (CVE) program. ATT&CK organizes documented adversary behavior into tactics, such as credential access, and techniques, such as phishing or PowerShell use. CVE assigns standardized identifiers and descriptions to publicly disclosed software vulnerabilities, allowing security teams and tools to refer to the same issue consistently.

Practitioners map threat-intelligence reports, incident evidence, and detection rules to ATT&CK to identify attack behaviors and gaps in monitoring or response coverage. They use CVE identifiers to correlate vulnerability disclosures with affected assets, patches, and other assessment data. An ATT&CK technique describes a behavior, not proof that a particular actor was responsible or that every associated detection is effective. Likewise, a CVE identifier is not a severity score or a guarantee that a system is affected; teams must verify product versions, exposure, exploitability, and available mitigations before prioritizing remediation.

Volume over time

Weekly headline count for the current query.

Showing 5 most recent headlines Filtered view

Startup Maps Detections Against MITRE ATT&CK and Recommends Missing ProtectionsCribl acquired Boston-based detection engineering startup CardinalOps to help organizations continuously measure MITRE ATT&CK coverage, automate TTP-based detections across SIEM platforms and move behavioral threat detection closer to the telemetry pipeline.

Despite Last-Minute Reprieve, Fresh Approach and Ownership Required, and SoonThis week's near-disruption in funding for the Mitre-administered Common Vulnerabilities and Exposures Program shows that the U.S. government no longer wants to be footing the tab. Many experts say this is an opportunity to redesign the CVE Program to be more neutral, sustainable and international.

Bank Info Security 2 years, 2 months ago

Tech Giants Cater to Government With AI Tools

Mitre, Microsoft Announce Government-Focused AI Tools This WeekGovernment spies can't just ask ChatGPT how to use artificial intelligence in their jobs. That puts a crimp in American government efforts to apply artificial intelligence - but it's also an opportunity for organizations used to catering to the world's largest tech buyer.

Bank Info Security 2 years, 2 months ago

Mitre Says Hackers Breached Unclassified R&D Network

Threat Actor Exploited Ivanti Zero-Day Vulnerabilities in CyberattackA nation-state threat actor gained access into an unclassified research and development network operated by MITRE, a non-profit that oversees key federal funded research and development centers for the U.S. government, the organization confirmed on Friday.