Mapping ATT&CK techniques to CVEs should make risk assessment easier

3 November 2021

Vulnerability reporters should start using MITRE ATT&CK technique references to describe what the attacker is trying to achieve by exploiting a given CVE-numbered vulnerability, the MITRE Engenuity team urges. “Using ATT&CK facilitates making descriptions of impacts and exploitation methods consistent across reports.

Read full article on Help Net Security

Date:

3 November 2021

Categorie(s):

NEWS

Tag(s):

ATT&CK, CVE, CVEs, IT, Mapping

Enhanced Security for Enterprises: Google Launches Google Threat Intelligence19 May 2024
Hackers Exploiting Docusign With Phishing Attack To Steal Credentials19 May 2024
Why a ‘Frozen’ Distribution Linux Kernel Isn’t the Safest Choice for Security19 May 2024
An attorney says she saw her library reading habits reflected in mobile ads. That’s not supposed to happen18 May 2024
Gawd, after that week, we wonder what’s next for China and the Western world18 May 2024