Mapping ATT&CK techniques to CVEs should make risk assessment easier

3 November 2021

Vulnerability reporters should start using MITRE ATT&CK technique references to describe what the attacker is trying to achieve by exploiting a given CVE-numbered vulnerability, the MITRE Engenuity team urges. “Using ATT&CK facilitates making descriptions of impacts and exploitation methods consistent across reports.

Read full article on Help Net Security

Date:

3 November 2021

Categorie(s):

NEWS

Tag(s):

ATT&CK, CVE, CVEs, IT, Mapping

Canada arrests suspected hacker over breach of 160+ Snowflake users’ data6 November 2024
Cyberthreats linked to foreign actors aim to hinder Election Day proceedings5 November 2024
DocuSign’s API used to lure victims into e-signing fake invoices5 November 2024
Schneider Electric ransomware crew demands $125k paid in baguettes5 November 2024
How to Become a Chief Information Officer: CIO Cheat Sheet5 November 2024