Security News

Phishers tricking users via fake LinkedIn Private Shared DocumentPhishers are trying to trick users into opening a "LinkedIn Private Shared Document" and entering their login credentials into a fake LinkedIn login page, security researcher JB Bowers warns. Apple details major security, privacy enhancements in its devicesApple has released on Thursday a newer version of its Platform Security Guide, outlining the security and privacy innovations and improvements its users will be able to take advantage of.

Purdue University and MITRE are combining their expertise and capabilities to form a new public-private partnership focusing on key areas of national safety and security. Purdue will join MITRE as one of its select academic vision partners.

MITRE ATT&CK helps understand attacker behavior. The MITRE ATT&CK framework is a well known and widely used knowledge base of cyber adversary tactics, techniques and procedures, and is based on observations on real-world attacks.

There's a good reason everyone's talking about MITRE ATT&CK: it's an objective, third-party standard with which organizations can measure their own detection coverage, as well as the coverage provided by EDR solutions. Still, even while you appreciate ATT&CK, it's not always clear how you can use it to improve your own organizational security.

MITRE named Gerald Gilbert, Ph.D., a MITRE Fellow to expand MITRE's quantum science initiatives. MITRE Fellows are a select group of preeminent scientists in their fields who lead critically important programs.

Microsoft and MITRE, in collaboration with a dozen other organizations, have developed a framework designed to help identify, respond to, and remediate attacks targeting machine learning systems. The Adversarial ML Threat Matrix, which Microsoft has released in collaboration with MITRE, IBM, NVIDIA, Airbus, Bosch, Deep Instinct, Two Six Labs, Cardiff University, the University of Toronto, PricewaterhouseCoopers, the Software Engineering Institute at Carnegie Mellon University, and the Berryville Institute of Machine Learning, is an industry-focused open framework that aims to address this issue.

Seasoned cybersecurity pros will be familiar with MITRE. Known for its MITRE ATT&CK framework, MITRE helps develop threat models and defensive methodologies for both the private and public sector cybersecurity communities. MITRE recently added to their portfolio and released MITRE Shield, an active defense knowledge base that captures and organizes security techniques in a way that is complementary to the mitigations featured in MITRE ATT&CK. The MITRE Shield framework focuses on active defense and adversary engagement, which takes the passivity out of network defense.

The MITRE Corporation has taken the wraps off a knowledge base of common techniques and tactics that defenders can use to ensure their networks and assets are kept secure. Called MITRE Shield, the publicly available, free resource is aimed at cyber-experts looking to engage an active cyber defense and, similarly with MITRE ATT&CK, presents a series of active defense concepts.

McAfee introduced MITRE ATT&CK into McAfee MVISION Cloud, the company's Cloud Access Security Broker, delivering a precise method to hunt, detect and stop cyberattacks on cloud services. This new integration gives SecOps teams a direct source of cloud vulnerabilities and threats mapped to the tactics and techniques of ATT&CK. McAfee is the first CASB provider to tag and visualize cloud security events within an ATT&CK. "Many SecOps teams leverage repeatable processes and frameworks such as ATT&CK to mitigate risk and respond to threats to their endpoints and networks, but so far cloud threats and vulnerabilities have presented an unfamiliar paradigm," said Rajiv Gupta, senior vice president and general manager of Cloud Security, McAfee.

MITRE's Center for Technology & National Security, created to enhance MITRE's engagement with senior government leadership, named five highly esteemed national security officials to its newly established advisory board. "CTNS builds on the experience and expertise of thousands of our nation's most respected scientific and engineering minds," said Bill LaPlante, senior vice president for the MITRE National Security Sector.