Lucene search
+L

429 matches found

kitploit
kitploit
added 2024/04/05 11:30 a.m.46 views

Attackgen - Cybersecurity Incident Response Testing Tool That Leverages The Power Of Large Language Models And The Comprehensive MITRE ATT&CK Framework

AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat actor groups and your organisation's details. Star the...

7.4AI score
Exploits0References3
qualysblog
qualysblog
added 2024/03/25 3:44 p.m.62 views

Combine Qualys TruRisk™ and MITRE ATT&CK to Adopt Threat-Informed Defense to Reduce Risk

There are so many vulnerabilities disclosed daily that no one can patch all of them. Unfortunately, attackers can exploit them while you are still in the process of reviewing, prioritizing, and patching. Effective risk-based prioritization focuses your limited resources and remediation efforts...

7.5CVSS10AI score0.99999EPSS
Exploits58
osv
osv
added 2024/03/11 5:15 p.m.3 views

CVE-2024-0039

In attpbuildvaluecmd of attprotocol.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

9.8CVSS6.4AI score0.01512EPSS
Exploits1References4
nvd
nvd
added 2024/02/16 2:15 a.m.27 views

CVE-2024-0031

In attpbuildreadbytypevaluecmd of attprotocol.cc , there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

9.8CVSS7.5AI score0.00613EPSS
Exploits0References2
osv
osv
added 2024/02/01 12:0 a.m.52 views

ASB-A-297524203

In attpbuildreadbytypevaluecmd of attprotocol.cc , there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

9.8CVSS9.6AI score0.00613EPSS
Exploits0References2
rapid7blog
rapid7blog
added 2024/01/12 2:0 p.m.16 views

2023 Ransomware Stats: A Look Back To Plan Ahead

Last year was not a year for the faint of heart. Organizations of every size found themselves faced with ransomware attacks at varying levels of sophistication, yet every one of them was damaging. And as we step into 2024, the first victims of ransomware attacks are already being reported. What c...

6.9AI score
Exploits0
trellix
trellix
added 2023/12/13 12:0 a.m.32 views

Detecting and Visualizing Lateral Movement Attacks with Trellix XDR

Detecting and Visualizing Lateral Movement Attacks with Trellix XDR By Chintan Shah, Maulik Maheta, Ajeeth S · December 13, 2023 Executive summary With Organizations deploying multiple security controls and solutions on their network and endpoints, there is a significant gap in the way threat...

8.5AI score
Exploits0
wallarmlab
wallarmlab
added 2023/11/22 12:27 p.m.21 views

What is the MITRE ATT&CK Framework?

The Unfolding Complexity of the MITRE ATT&CK System The domain of cybersecurity is akin to an ever-evolving ocean filled with intricacies. In these stormy waters, the MITRE ATT&CK System stands as a beacon of light. It brings some order, serving as a universally available repository storing vario...

8AI score
Exploits0
ics
ics
added 2023/11/16 12:0 p.m.117 views

Scattered Spider

SUMMARY The Federal Bureau of Investigation FBI and Cybersecurity and Infrastructure Security Agency CISA are releasing this joint Cybersecurity Advisory CSA in response to recent activity by Scattered Spider threat actors against the commercial facilities sectors and subsectors. This advisory...

10AI score
Exploits0References134
securelist
securelist
added 2023/11/09 8:0 a.m.52 views

Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

Almost every quarter, someone publishes major research focusing on campaigns or incidents that involve Asian APT groups. These campaigns and incidents target various organizations from a multitude of industries. Likewise, the geographic location of victims is not limited to just one region. This...

7AI score
Exploits0
githubexploit
githubexploit
added 2023/10/31 5:35 a.m.189 views

Exploit for Incorrect Authorization in Atlassian Confluence_Data_Center

CVE-2023-22518 Improper Authorization Vulnerability in Conflue...

10CVSS9.8AI score0.99999EPSS
Exploits48
malwarebytes
malwarebytes
added 2023/10/09 1:0 a.m.13 views

A week in security (October 2 - October 8)

Last week on Malwarebytes Labs: Multi-factor authentication has proven it works, so what are we waiting for? Amazon Prime email scammer snatches defeat from the jaws of victory 2023 MITRE ATT&CK® Evaluation results: Malwarebytes earns high marks for detection, blocks initial malware executions...

7.1AI score
Exploits0
malwarebytes
malwarebytes
added 2023/10/05 12:0 p.m.54 views

2023 MITRE ATT&CK® Evaluation results: Malwarebytes earns high marks for detection, blocks initial malware executions

MITRE Engenuity released its 2023 ATT&CK Evaluation results, with Malwarebytes blocking initial malware executions and earning high marks for detection. The evaluation tested 30 vendor solutions against Turla, a sophisticated Russia-based advanced persistent threat APT group with victims in over ...

6.9AI score
Exploits0
talosblog
talosblog
added 2023/09/29 4:40 p.m.19 views

Threat Roundup for September 22 to September 29

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between Sept. 22 and Sept. 29. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

6.6AI score
Exploits0
qualysblog
qualysblog
added 2023/09/26 1:4 p.m.165 views

Qualys Survey of Top 10 Exploited Vulnerabilities in 2023

The Qualys Threat Research Unit TRU has thoroughly analyzed vulnerabilities reported in 2023. Our comprehensive study assesses factors including weaponization status, existence in the CISA KEV, instances or usage of malware and ransomware, trending vulnerabilities, various scoring metrics, and...

7.5CVSS9.8AI score0.99999EPSS
Exploits94
thn
thn
added 2023/09/22 10:50 a.m.49 views

How to Interpret the 2023 MITRE ATT&CK Evaluation Results

Thorough, independent tests are a vital resource as cybersecurity leaders and their teams evaluate vendors' abilities to guard against increasingly sophisticated threats to their organization. And perhaps no assessment is more widely trusted than the annual MITRE Engenuity ATT&CK Evaluations:...

6.8AI score
Exploits0
rapid7blog
rapid7blog
added 2023/09/20 8:2 p.m.39 views

Rapid7 Delivers Visibility Across All 19 Steps of Attack in 2023 MITRE Engenuity ATT&CK® Evaluations: Enterprise

Over seven years ago, we set out to change the way that SOCs approach threat detection and response. With the introduction of InsightIDR, we wanted to address the false positives and snowballing complexity that was burning out analysts, deteriorating security posture, and inhibiting necessary...

6.5AI score
Exploits0
mmpc
mmpc
added 2023/09/20 1:0 p.m.10 views

Microsoft 365 Defender demonstrates 100 percent protection coverage in the 2023 MITRE Engenuity ATT&CK® Evaluations: Enterprise

For the fifth consecutive year, Microsoft 365 Defender demonstrated industry-leading extended detection and response XDR capabilities in the independent MITRE Engenuity ATT&CK® Evaluations: Enterprise. The attack used during the test highlights the importance of a unified XDR platform and showcas...

7.1AI score
Exploits0
mssecure
mssecure
added 2023/09/20 1:0 p.m.51 views

Microsoft 365 Defender demonstrates 100 percent protection coverage in the 2023 MITRE Engenuity ATT&CK® Evaluations: Enterprise

For the fifth consecutive year, Microsoft 365 Defender demonstrated industry-leading extended detection and response XDR capabilities in the independent MITRE Engenuity ATT&CK® Evaluations: Enterprise. The attack used during the test highlights the importance of a unified XDR platform and showcas...

7.1AI score
Exploits0
thn
thn
added 2023/07/11 11:15 a.m.33 views

How to Apply MITRE ATT&CK to Your Organization

Discover all the ways MITRE ATT&CK can help you defend your organization. Build your security strategy and policies by making the most of this important framework. What is the MITRE ATT&CK Framework? MITRE ATT&CK Adversarial Tactics, Techniques, and Common Knowledge is a widely adopted framework...

6.9AI score
Exploits0
Rows per page
Query Builder