The Homeland Security Systems Engineering and Development Institute, sponsored by the Department of Homeland Security and operated by MITRE, has released the 2021 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list.

MITRE Engenuity released results from its first round of independent MITRE Engenuity ATT&CK Evaluations for Industrial Control Systems (ICS). The evaluations examined how cybersecurity products from five ICS vendors detected the threat of Russian-linked Triton malware.

D3FEND, a framework for cybersecurity professionals to tailor defenses against specific cyber threats is now available through MITRE. The National Security Agency funded MITRE’s research for D3FEND to improve the cybersecurity of National Security Systems, the Department of Defense, and the Defense Industrial Base.

Organizations invest more than $3 billion annually on SIEM software and expect this investment to result in comprehensive threat coverage. However, an analysis of live SIEM deployments across select CardinalOps customers in multiple industry verticals, including healthcare and financial services, reveals that the threat coverage remains far below what organizations expect and what SIEM and detection tools can provide. Worse, organizations are often unaware of the gap between the theoretical security they assume they have and the actual security they get in practice, creating a false impression of their security posture.

The cybersecurity industry has embraced MITRE ATT&CK for good reason: it provides security leaders and practitioners an objective, third-party standard with which to evaluate their own detection coverage and EDR solutions. But even while they recognize the value, many organizations are unsure about what specific steps they should take to fully benefit from MITRE ATT&CK.

McAfee and the University of California, Berkeley’s Center for Long-Term Cybersecurity (CLTC) released a new research study, MITRE ATT&CK as a Framework for Cloud Threat Investigation, developed by CLTC researchers. The report focuses on threat investigation in the cloud through the lens of the most widely adopted framework, MITRE ATT&CK.

The Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and common, well-known tactics, techniques, and procedures (TTPs) to target U.S. Government agencies.

John A. Wilson is now vice president and Chief Information and Security Officer at MITRE, leading the Enterprise Computing, Information, and Security organization.