MITRE ATT&CK & NIST 800-53 Mapping
33,579 mappings have been magically connected between MITRE ATT&CK and NIST 800-53.
https://wadebach.blackcatwhitehatsecurity.com/blog.cfm#80053mapping
#Blog #MITRE #ATT&CK #NIST #Mapping #programming

MITRE ATT&CK & CISA CVE Mapping
I have a connection established with CISA's CVE JSON and MITRE ATT&CK's TAXII API. But how do I map them together?
https://wadebach.blackcatwhitehatsecurity.com/blog.cfm#cvemapping
#Blog #MITRE #ATT&CK #CISA #CVE #Mapping #programming

Kali 2025.2 Introduces 13 New Tools, Revamped MITRE-Based Menu

One of the most notable changes in this release is the complete reorganization of the Kali menu. Gone is the old structure inherited from BackTrack and WHAX, which, according to devs, had become increasingly difficult to manage.

https://linuxiac.com/kali-2025-2-introduces-13-new-tools-revamped-mitre-based-menu/

Call for support issued by @thecvefoundation to secure funding to ensure the sustainability and independence of the CVE Program.
https://www.admin-magazine.com/News/CVE-Foundation-Issues-Call-for-Support?utm_source=mam
#CVE #vulnerabilities #exposure #CNA #Roots #CISA #MITRE #foundation

@soatok may I directly ask a question?

During an interview I was asked about #MITRE #ATT&CK. I was aware of it but never considered it of actual utility. Do people use it actually?

Thanks

Updates from the #CVEFoundation

Representatives from the CVE Foundation met with representatives from CISA on 4/24/2025. The talks were positive and encouraging. All parties wish to keep the conversation and progress moving forward.

https://www.thecvefoundation.org/news

This Week in Security: No More CVEs, 4chan, and Recall Returns - The sky is falling. Or more specifically, it was about to fall, according to the s... - https://hackaday.com/2025/04/18/this-week-in-security-no-more-cves-4chan-and-recall-returns/ #thisweekinsecurity #hackadaycolumns #securityhacks #recall #mitre #vibes #news #cves

As part of the 2022 EU NIS2 directive, the EU agency for cybersecurity (ENISA) has been setting up the EU Vulnerability Database (EUVD) at https://euvd.enisa.europa.eu/ (now in beta).

Started as a collaboration with MITRE's authoritative CVE database, EUVD may now end up replacing it, as US funding for the CVE database has stopped.

Saved at the final hour!

Security Database Used by Apple Goes Independent After Funding Cut [Updated]

https://www.macrumors.com/2025/04/16/security-database-used-apple-goes-independent/

#CISA's 11-Month extension ensures continuity of #MITRE's CVE Program
https://securityaffairs.com/176608/security/cisas-11-month-extension-ensures-continuity-of-mitres-cve-program.html
#securityaffairs #hacking

The CVE program narrowly avoided shutdown as #CISA stepped in to extend MITRE’s contract.

Read: https://hackread.com/cve-program-online-cisa-temporary-mitre-extension/

In a last minute change, #CISA extended its contract with #MITRE to run the #CVE Program until March 2026 but there are already multiple efforts to create alternative, international versions of the platform outside of the control of the US government

https://therecord.media/cisa-extends-cve-program-contract-with-mitre

MITRE CVE Contract Extended Just Before Expiration https://thecyberexpress.com/mitre-cve-contract-extended-before-expiration/ #TheCyberExpressNews #TheCyberExpress #Vulnerabilities #FirewallDaily #cybersecurity #CyberNews #MITRE #CISA #CVE #NVD

https://www.theverge.com/news/649314/cve-mitre-funding-vulnerabilities-exposures-funding
#cybersecurity #vulnerabilities #CVE #CWE #MITRE #government #defunding

CVE foundation coming in like
#CVE #MITRE

U.S. government funding for the Common Vulnerabilities and Exposures program expires April 16.

The security industry is panicking over the potential loss of the #CVE program. Run by the #MITRE non-profit, the CVE database is a critical tool for tracking the status of vulnerabilities.

#CISA just announced a temporary reprieve, but the dangers are obvious. In #SBBlogwatch, we look for the opportunities.

@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://securityboulevard.com/2025/04/mitre-cve-funding-crisis-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc

@cafou Contexte : Le programme américain de suivi des vulnérabilités risque de prendre fin.

https://www.usine-digitale.fr/editorial/cybersecurite-le-programme-americain-de-suivi-des-vulnerabilites-risque-de-prendre-fin.N2230678

The Ivantis, Solarwinds and Fortinets right now.

Die Cybersecurity and Infrastructure Security Agency (CISA) arbeitet dringend daran, die Auswirkungen zu mildern und CVE zu erhalten, ist jedoch selbst von erheblichen Kürzungen und Chaos dank Elon Musks DOGE betroffen.

Zum Artikel: https://heise.de/-10353326?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon