Veganism Social

ANY.RUN🚨 How to Spot <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Ransomware</a> Activity Early with TI Lookup Malware can leave your SOC blind unless you proactively hunt its behavior. Ransomware is a good example. ⚠️ Typically it only encrypts files without removing backups or logs. When it starts executing commands to hide activity and disrupt recovery, the impact becomes far more serious, leading to downtime, data loss, and business disruption. If your SOC is familiar with these techniques and monitors them in advance, response will be faster and more effective. Let’s see how TI Lookup can be used to reveal these behaviors and close monitoring gaps. 👨‍💻 We started with a basic TI Lookup query for ransomware-related commands: threatName:"ransomware" AND commandLine:".exe *" To refine the search, we gradually excluded irrelevant results: <a href="https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=spot_ransomware_early&utm_content=linktoti&utm_term=200825#%257B%2522query%2522:%2522threatName:%255C%2522ransomware%255C%2522%2520AND%2520commandLine:%255C%2522.exe%2520*%255C%2522%2520NOT%2520commandLine:%255C%2522conhost.exe%255C%2522%2520NOT%2520commandLine:%255C%2522%2520-Embedding%255C%2522%2520NOT%2520commandLine:%255C%2522svchost.exe%2520-k%2520NetworkService%255C%2522%2520NOT%2520commandLine:%255C%2522DllHost.exe%2520%255C%2522%2522,%2522dateRange%2522:180%257D" rel="nofollow noopener" translate="no" target="_blank">https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=spot_ransomware_early&utm_content=linktoti&utm_term=200825#%257B%2522query%2522:%2522threatName:%255C%2522ransomware%255C%2522%2520AND%2520commandLine:%255C%2522.exe%2520*%255C%2522%2520NOT%2520commandLine:%255C%2522conhost.exe%255C%2522%2520NOT%2520commandLine:%255C%2522%2520-Embedding%255C%2522%2520NOT%2520commandLine:%255C%2522svchost.exe%2520-k%2520NetworkService%255C%2522%2520NOT%2520commandLine:%255C%2522DllHost.exe%2520%255C%2522%2522,%2522dateRange%2522:180%257D</a> 🎯 This search query uncovers far more than <a href="https://infosec.exchange/tags/IOCs" class="mention hashtag" rel="nofollow noopener" target="_blank">#IOCs</a>. It reveals attacker techniques that can enrich detection logic across your entire environment. Let’s break down the commands ransomware uses to hide its tracks and block system recovery. 👾 See execution on a live system and download an actionable report: <a href="https://app.any.run/tasks/0f5784ac-bb52-46d5-8c14-616a4e34e336/?utm_source=mastodon&utm_medium=post&utm_campaign=spot_ransomware_early&utm_content=linktoservice&utm_term=200825" rel="nofollow noopener" translate="no" target="_blank">https://app.any.run/tasks/0f5784ac-bb52-46d5-8c14-616a4e34e336/?utm_source=mastodon&utm_medium=post&utm_campaign=spot_ransomware_early&utm_content=linktoservice&utm_term=200825</a> In this case, we observed ransomware leveraging a set of Windows utilities to erase traces and block recovery: wevtutil.exe: Clearing event logs (Setup, Security, System, Application) and disabling security logging, effectively erasing traces of malicious activity and complicating analysis. 🔍 <a href="https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=spot_ransomware_early&utm_content=linktoti&utm_term=200825#%7B%2522query%2522:%2522commandLine:%255C%2522wevtutil*%2520cl%255C%2522%2520OR%2520commandLine:%255C%2522wevtutil*%2520sl%255C%2522%2522,%2522dateRange%2522:180%7D" rel="nofollow noopener" translate="no" target="_blank">https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=spot_ransomware_early&utm_content=linktoti&utm_term=200825#%7B%2522query%2522:%2522commandLine:%255C%2522wevtutil*%2520cl%255C%2522%2520OR%2520commandLine:%255C%2522wevtutil*%2520sl%255C%2522%2522,%2522dateRange%2522:180%7D</a> bcdedit.exe: Changing boot configuration, allowing the system to ignore startup errors, and disabling Windows recovery environment to ensure persistence. 🔍 <a href="https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=spot_ransomware_early&utm_content=linktoti&utm_term=200825#%7B%2522query%2522:%2522commandLine:%255C%2522bcdedit*%2520/set%255C%2522%2522,%2522dateRange%2522:180%7D%20" rel="nofollow noopener" translate="no" target="_blank">https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=spot_ransomware_early&utm_content=linktoti&utm_term=200825#%7B%2522query%2522:%2522commandLine:%255C%2522bcdedit*%2520/set%255C%2522%2522,%2522dateRange%2522:180%7D%20</a> fsutil.exe: Deleting the USN (Update Sequence Number) journal to remove records of file changes. 🔍 <a href="https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=spot_ransomware_early&utm_content=linktoti&utm_term=200825#%7B%2522query%2522:%2522commandLine:%255C%2522fsutil*deletejournal%255C%2522%2522,%2522dateRange%2522:180%7D%20" rel="nofollow noopener" translate="no" target="_blank">https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=spot_ransomware_early&utm_content=linktoti&utm_term=200825#%7B%2522query%2522:%2522commandLine:%255C%2522fsutil*deletejournal%255C%2522%2522,%2522dateRange%2522:180%7D%20</a> cipher.exe: Overwriting free disk space to make deleted or unencrypted files unrecoverable. 🔍 <a href="https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=spot_ransomware_early&utm_content=linktoti&utm_term=200825#%7B%2522query%2522:%2522commandLine:%255C%2522cipher*/w:C%255C%2522%2522,%2522dateRange%2522:180%7D%20" rel="nofollow noopener" translate="no" target="_blank">https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=spot_ransomware_early&utm_content=linktoti&utm_term=200825#%7B%2522query%2522:%2522commandLine:%255C%2522cipher*/w:C%255C%2522%2522,%2522dateRange%2522:180%7D%20</a> wbadmin.exe: Deleting backup catalogs, making built-in Windows backups and shadow copies unavailable. 🔍 <a href="https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=spot_ransomware_early&utm_content=linktoti&utm_term=200825#%7B%2522query%2522:%2522commandLine:%255C%2522wbadmin*delete%2520catalog%255C%2522%2522,%2522dateRange%2522:180%7D" rel="nofollow noopener" translate="no" target="_blank">https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=spot_ransomware_early&utm_content=linktoti&utm_term=200825#%7B%2522query%2522:%2522commandLine:%255C%2522wbadmin*delete%2520catalog%255C%2522%2522,%2522dateRange%2522:180%7D</a> schtasks.exe: Disabling System Restore tasks, preventing the creation of automatic restore points. 🔍 <a href="https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=spot_ransomware_early&utm_content=linktoti&utm_term=200825#%7B%2522query%2522:%2522commandLine:%255C%2522schtasks*/Change%255C%2522%2522,%2522dateRange%2522:180%7D" rel="nofollow noopener" translate="no" target="_blank">https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=spot_ransomware_early&utm_content=linktoti&utm_term=200825#%7B%2522query%2522:%2522commandLine:%255C%2522schtasks*/Change%255C%2522%2522,%2522dateRange%2522:180%7D</a> 👨‍💻 Early visibility into techniques strengthens resilience. What can you do now? Use TI Lookup to expand threat visibility with live attack data and enrich IOCs & behavioral rules with insights from real-world samples. 🎯 <a href="https://infosec.exchange/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#MITRE</a> ATT&CK Techniques Data Encrypted for Impact (T1486) Inhibit System Recovery (T1490) Indicator Removal (T1070) Strengthen resilience and protect critical assets through proactive security with <a href="https://infosec.exchange/tags/ANYRUN" class="mention hashtag" rel="nofollow noopener" target="_blank">#ANYRUN</a> 🚀 <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a>

ANY.RUN<a href="https://infosec.exchange/tags/IOCs" class="mention hashtag" rel="nofollow noopener" target="_blank">#IOCs</a>: SHA256: 560afd97f03f2ed11bf0087d551ae45f2046d6d52f0fa3d7c1df882981e8b3468b079bae684fd287c605de8acae338401a76a412c6a802faf2cf6e9ec0cf62240ba3b2871e0ad3b4fba615ea76e2d5f7cefa80e87468c6dcfc9b44feb1e5ea7aC2dd4543678f514b5323944993552c106a3d250b0c35cf16c2bb2171ab0a0199C23f6a4286dc18bbf1ff06420357da1af1132dddf37ad6f51d9915fccca6c97eFile names & directories: Shields.msi%USERPROFILE%\AppData\Local\Programs\Advanced PDF Shaper Ultimate\LdVBoxSVC.exeC:\WINDOWS\system32\openwith.exeURLs: hxxps[:]//84.200[.]80.8/gateway/6caqmphx.fan5l hxxps[:]//zerontwoposh[.]live/gateway/n5eepk7n.2a6s4TLS Certificates:SN: 29769a39032fdff8 | Thumb: 6f13c27a9150db7d02e1e1ff849921cc2bb0754e SN: 3ac75d9f42ced25b2c4534f40d08b41ffefe4ab | Thumb: b938263deb95997f9d47ce9ef9817b5def90eafaSN: 3b5db13bb882d9c4 | Thumb: f2b2e768359891f0543cd830d728c923bfc3c307 C2 JARM fingerprint:3fd3fd20d0000000003fd3fd3fd3fd9c542afc474937e300923d7c192419b1<a href="https://infosec.exchange/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#MITRE</a> Techniques: Phishing (T1566) User Execution: Malicious Copy and Paste (T1204.004) System Binary Proxy Execution: Msiexec (T1218.007) Virtualization/Sandbox Evasion: System Checks (T1497.001) Hijack Execution Flow (T1574) Obfuscated Files or Information: Steganography (T1027.003)

ANY.RUN🚨 How <a href="https://infosec.exchange/tags/Rhadamanthys" class="mention hashtag" rel="nofollow noopener" target="_blank">#Rhadamanthys</a> Stealer Slips Past Defenses using ClickFix ⚠️ Rhadamanthys is now delivered via ClickFix, combining technical methods and social engineering to bypass automated security solutions, making detection and response especially challenging. 👾 While earlier ClickFix campaigns mainly deployed <a href="https://infosec.exchange/tags/NetSupport" class="mention hashtag" rel="nofollow noopener" target="_blank">#NetSupport</a> RAT or <a href="https://infosec.exchange/tags/AsyncRAT" class="mention hashtag" rel="nofollow noopener" target="_blank">#AsyncRAT</a>, this C++ infostealer ranks in the upper tier for advanced evasion techniques and extensive data theft capabilities.<a href="https://infosec.exchange/tags/ANYRUN" class="mention hashtag" rel="nofollow noopener" target="_blank">#ANYRUN</a> Sandbox lets SOC teams observe and execute complex chains, revealing evasive behavior and providing intelligence that can be directly applied to detection rules, playbooks, and proactive hunting.🔗 Execution Chain: ClickFix ➡️ msiexec ➡️ exe-file ➡️ infected system file ➡️ PNG-stego payloadIn a recent campaign, the phishing domain initiates a ClickFix flow (<a href="https://infosec.exchange/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#MITRE</a> T1566), prompting the user to execute a malicious MSI payload hosted on a remote server. 🥷 The installer is silently executed in memory (<a href="https://infosec.exchange/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#MITRE</a> T1218.007), deploying a stealer component into a disguised software directory under the user profile.The dropped binary performs anti-VM checks (T1497.001) to avoid analysis. In later stages, a compromised system file is used to initiate a TLS connection directly to an IP address, bypassing DNS monitoring.📌 For encryption, attackers use self-signed TLS certificates with mismatched fields (e.g., Issuer or Subject), creating distinctive indicators for threat hunting and expanding an organization’s visibility into its threat landscape.🖼️ The C2 delivers an obfuscated PNG containing additional payloads via steganography (T1027.003), extending dwell time and complicating detection.🎯 See execution on a live system and download actionable report: <a href="https://app.any.run/tasks/a101654d-70f9-40a5-af56-1a8361b4ceb0/?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_term=120825&utm_content=linktoservice" rel="nofollow noopener" translate="no" target="_blank">https://app.any.run/tasks/a101654d-70f9-40a5-af56-1a8361b4ceb0/?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_term=120825&utm_content=linktoservice</a>🔍 Use these <a href="https://infosec.exchange/tags/ANYRUN" class="mention hashtag" rel="nofollow noopener" target="_blank">#ANYRUN</a> TI Lookup search queries to track similar campaigns and enrich <a href="https://infosec.exchange/tags/IOCs" class="mention hashtag" rel="nofollow noopener" target="_blank">#IOCs</a> with live attack data from threat investigations across 15K SOCs: <a href="https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_content=linktoti&utm_term=120825#%7B%2522query%2522:%2522threatName:%255C%2522clickfix%255C%2522%2522,%2522dateRange%2522:180%7D" rel="nofollow noopener" translate="no" target="_blank">https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_content=linktoti&utm_term=120825#%7B%2522query%2522:%2522threatName:%255C%2522clickfix%255C%2522%2522,%2522dateRange%2522:180%7D</a> <a href="https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_content=linktoti&utm_term=120825#%7B%2522query%2522:%2522threatName:%255C%2522rhadamanthys%255C%2522%2522,%2522dateRange%2522:180%7D" rel="nofollow noopener" translate="no" target="_blank">https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_content=linktoti&utm_term=120825#%7B%2522query%2522:%2522threatName:%255C%2522rhadamanthys%255C%2522%2522,%2522dateRange%2522:180%7D</a> <a href="https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_content=linktoti&utm_term=120825#%7B%2522query%2522:%2522(threatName:%255C%2522clickfix%255C%2522%2520OR%2520threatName:%255C%2522susp-clipboard%255C%2522)%2520AND%2520threatName:%255C%2522netsupport%255C%2522%2522,%2522dateRange%2522:180%7D" rel="nofollow noopener" translate="no" target="_blank">https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_content=linktoti&utm_term=120825#%7B%2522query%2522:%2522(threatName:%255C%2522clickfix%255C%2522%2520OR%2520threatName:%255C%2522susp-clipboard%255C%2522)%2520AND%2520threatName:%255C%2522netsupport%255C%2522%2522,%2522dateRange%2522:180%7D</a> <a href="https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_content=linktoti&utm_term=120825#%7B%2522query%2522:%2522(threatName:%255C%2522clickfix%255C%2522%2520OR%2520threatName:%255C%2522susp-clipboard%255C%2522)%2520AND%2520threatName:%255C%2522asyncrat%255C%2522%2522,%2522dateRange%2522:180%7D" rel="nofollow noopener" translate="no" target="_blank">https://intelligence.any.run/analysis/lookup?utm_source=mastodon&utm_medium=post&utm_campaign=rhadamanthys&utm_content=linktoti&utm_term=120825#%7B%2522query%2522:%2522(threatName:%255C%2522clickfix%255C%2522%2520OR%2520threatName:%255C%2522susp-clipboard%255C%2522)%2520AND%2520threatName:%255C%2522asyncrat%255C%2522%2522,%2522dateRange%2522:180%7D</a>👾 IOCs: 84.200[.]80.8 179.43[.]141.35 194.87[.]29.253 flaxergaurds[.]com temopix[.]com zerontwoposh[.]live loanauto[.]cloud wetotal[.]net Find more indicators in the comments 💬Protect critical assets with faster, deeper visibility into complex threats using <a href="https://infosec.exchange/tags/ANYRUN" class="mention hashtag" rel="nofollow noopener" target="_blank">#ANYRUN</a> 🚀<a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a>

Guia do InvestidorMitre (MTRE3) libera pagamento aos acionistas, mas de um jeito que poucos esperavam🇧🇷 Leia mais: <a href="https://guiadoinvestidor.com.br/mercado/mitre-libera-pagamento-aos-acionistas-mas-de-um-jeito-que-poucos-esperavam/" rel="nofollow noopener" translate="no" target="_blank">https://guiadoinvestidor.com.br/mercado/mitre-libera-pagamento-aos-acionistas-mas-de-um-jeito-que-poucos-esperavam/</a><a href="https://mastodon.social/tags/Mercado" class="mention hashtag" rel="nofollow noopener" target="_blank">#Mercado</a> <a href="https://mastodon.social/tags/Mitre" class="mention hashtag" rel="nofollow noopener" target="_blank">#Mitre</a> <a href="https://mastodon.social/tags/MTRE3" class="mention hashtag" rel="nofollow noopener" target="_blank">#MTRE3</a>

G :donor: :Tick:Anyone have experience of submitting a proposal for new sub-techniques to MITRE ATT&CK by MITRE ?Yes I’ll go read the philosophy paper but any other hints/tips/guidance appreciated!<a href="https://infosec.exchange/tags/Community" class="mention hashtag" rel="nofollow noopener" target="_blank">#Community</a> <a href="https://infosec.exchange/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#MITRE</a> <a href="https://infosec.exchange/tags/MITREATTACK" class="mention hashtag" rel="nofollow noopener" target="_blank">#MITREATTACK</a> <a href="https://infosec.exchange/tags/SecurityResearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#SecurityResearch</a>

BCWHSMITRE ATT&CK & Cyber Risk Institute Mapping Mapping Cyber Risk Institute framework to MITRE ATT@CK. Why not? <a href="https://wadebach.blackcatwhitehatsecurity.com/blog.cfm#CRImapping" rel="nofollow noopener" translate="no" target="_blank">https://wadebach.blackcatwhitehatsecurity.com/blog.cfm#CRImapping</a> <a href="https://mastodon.social/tags/Blog" class="mention hashtag" rel="nofollow noopener" target="_blank">#Blog</a> <a href="https://mastodon.social/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#MITRE</a> <a href="https://mastodon.social/tags/Cyber" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cyber</a> <a href="https://mastodon.social/tags/Risk" class="mention hashtag" rel="nofollow noopener" target="_blank">#Risk</a> <a href="https://mastodon.social/tags/Institute" class="mention hashtag" rel="nofollow noopener" target="_blank">#Institute</a> <a href="https://mastodon.social/tags/Mapping" class="mention hashtag" rel="nofollow noopener" target="_blank">#Mapping</a> <a href="https://mastodon.social/tags/programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#programming</a>

BCWHSMITRE ATT&CK & NIST 800-53 Mapping 33,579 mappings have been magically connected between MITRE ATT&CK and NIST 800-53. <a href="https://wadebach.blackcatwhitehatsecurity.com/blog.cfm#80053mapping" rel="nofollow noopener" translate="no" target="_blank">https://wadebach.blackcatwhitehatsecurity.com/blog.cfm#80053mapping</a> <a href="https://mastodon.social/tags/Blog" class="mention hashtag" rel="nofollow noopener" target="_blank">#Blog</a> <a href="https://mastodon.social/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#MITRE</a> <a href="https://mastodon.social/tags/NIST" class="mention hashtag" rel="nofollow noopener" target="_blank">#NIST</a> <a href="https://mastodon.social/tags/Mapping" class="mention hashtag" rel="nofollow noopener" target="_blank">#Mapping</a> <a href="https://mastodon.social/tags/programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#programming</a> <a href="https://mastodon.social/tags/CFML" class="mention hashtag" rel="nofollow noopener" target="_blank">#CFML</a>

BCWHSMITRE ATT&CK & CISA CVE Mapping I have a connection established with CISA's CVE JSON and MITRE ATT&CK's TAXII API. But how do I map them together? <a href="https://wadebach.blackcatwhitehatsecurity.com/blog.cfm#cvemapping" rel="nofollow noopener" translate="no" target="_blank">https://wadebach.blackcatwhitehatsecurity.com/blog.cfm#cvemapping</a> <a href="https://mastodon.social/tags/Blog" class="mention hashtag" rel="nofollow noopener" target="_blank">#Blog</a> <a href="https://mastodon.social/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#MITRE</a> <a href="https://mastodon.social/tags/ATT" class="mention hashtag" rel="nofollow noopener" target="_blank">#ATT</a>&CK <a href="https://mastodon.social/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#CISA</a> <a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE</a> <a href="https://mastodon.social/tags/Mapping" class="mention hashtag" rel="nofollow noopener" target="_blank">#Mapping</a> <a href="https://mastodon.social/tags/programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#programming</a>

News BeepFire crews responding to blaze at Mitre 10 MEGA in West Auckland“On arrival, we found the building to be heavily smoke-logged.” The fire was reported at 6.41pm, he said.… <a href="https://newsbeep.org/tags/NewsBeep" class="mention hashtag" rel="nofollow noopener" target="_blank">#NewsBeep</a> <a href="https://newsbeep.org/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#News</a> <a href="https://newsbeep.org/tags/Headlines" class="mention hashtag" rel="nofollow noopener" target="_blank">#Headlines</a> #10 <a href="https://newsbeep.org/tags/around" class="mention hashtag" rel="nofollow noopener" target="_blank">#around</a> <a href="https://newsbeep.org/tags/at" class="mention hashtag" rel="nofollow noopener" target="_blank">#at</a> <a href="https://newsbeep.org/tags/auckland" class="mention hashtag" rel="nofollow noopener" target="_blank">#auckland</a> <a href="https://newsbeep.org/tags/blaze" class="mention hashtag" rel="nofollow noopener" target="_blank">#blaze</a> <a href="https://newsbeep.org/tags/crews" class="mention hashtag" rel="nofollow noopener" target="_blank">#crews</a> <a href="https://newsbeep.org/tags/fire" class="mention hashtag" rel="nofollow noopener" target="_blank">#fire</a> <a href="https://newsbeep.org/tags/from" class="mention hashtag" rel="nofollow noopener" target="_blank">#from</a> <a href="https://newsbeep.org/tags/in" class="mention hashtag" rel="nofollow noopener" target="_blank">#in</a> <a href="https://newsbeep.org/tags/mega" class="mention hashtag" rel="nofollow noopener" target="_blank">#mega</a> <a href="https://newsbeep.org/tags/mitre" class="mention hashtag" rel="nofollow noopener" target="_blank">#mitre</a> <a href="https://newsbeep.org/tags/NewZealand" class="mention hashtag" rel="nofollow noopener" target="_blank">#NewZealand</a> <a href="https://newsbeep.org/tags/NZ" class="mention hashtag" rel="nofollow noopener" target="_blank">#NZ</a> <a href="https://newsbeep.org/tags/responding" class="mention hashtag" rel="nofollow noopener" target="_blank">#responding</a> <a href="https://newsbeep.org/tags/to" class="mention hashtag" rel="nofollow noopener" target="_blank">#to</a> <a href="https://newsbeep.org/tags/tonight" class="mention hashtag" rel="nofollow noopener" target="_blank">#tonight</a> <a href="https://newsbeep.org/tags/west" class="mention hashtag" rel="nofollow noopener" target="_blank">#west</a> <a href="https://www.newsbeep.com/20636/" rel="nofollow noopener" translate="no" target="_blank">https://www.newsbeep.com/20636/</a>

CybersecKyleFrom yesterday:MITRE Launches New Framework to Tackle Crypto Risks <a href="https://www.infosecurity-magazine.com/news/mitre-launches-new-framework/" rel="nofollow noopener" translate="no" target="_blank">https://www.infosecurity-magazine.com/news/mitre-launches-new-framework/</a><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#MITRE</a>

:hacker_p: :hacker_f: :hacker_t:<a href="https://furry.engineer/@soatok" class="u-url mention" rel="nofollow noopener" target="_blank">@soatok</a> may I directly ask a question? During an interview I was asked about <a href="https://infosec.exchange/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#MITRE</a> <a href="https://infosec.exchange/tags/ATT" class="mention hashtag" rel="nofollow noopener" target="_blank">#ATT</a>&CK. I was aware of it but never considered it of actual utility. Do people use it actually?Thanks 🙇

CybersecKyleCVE Foundation eyes year-end launch following 11th-hour rescue of MITRE program“To set the record straight, there was no funding issue, but rather a contract administration issue that was resolved prior to a contract lapse,” <a href="https://cyberscoop.com/cve-program-funding-crisis-cve-foundation-mitre/" rel="nofollow noopener" translate="no" target="_blank">https://cyberscoop.com/cve-program-funding-crisis-cve-foundation-mitre/</a><a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE</a> <a href="https://infosec.exchange/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#MITRE</a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cybersecurity</a>

Xavier «X» Santolaria :verified_paw: :donor:Updates from the <a href="https://infosec.exchange/tags/CVEFoundation" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVEFoundation</a><blockquote>Representatives from the CVE Foundation met with representatives from CISA on 4/24/2025. The talks were positive and encouraging. All parties wish to keep the conversation and progress moving forward.</blockquote><a href="https://www.thecvefoundation.org/news" rel="nofollow noopener" translate="no" target="_blank">https://www.thecvefoundation.org/news</a><a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#cve</a> <a href="https://infosec.exchange/tags/mitre" class="mention hashtag" rel="nofollow noopener" target="_blank">#mitre</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a>

Doug MetzI recorded a brief video, walking through some of the different functions in MalChela in the new GUI, stepping through basic static analysis to yara rule writing - all in minutes.  <a href="https://youtu.be/hI1EqojI1DA" rel="nofollow noopener" translate="no" target="_blank">https://youtu.be/hI1EqojI1DA</a><a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener" target="_blank">#DFIR</a> <a href="https://infosec.exchange/tags/MalwareAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#MalwareAnalysis</a> <a href="https://infosec.exchange/tags/YARA" class="mention hashtag" rel="nofollow noopener" target="_blank">#YARA</a> <a href="https://infosec.exchange/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#MITRE</a> <a href="https://infosec.exchange/tags/Rust" class="mention hashtag" rel="nofollow noopener" target="_blank">#Rust</a>MalChela: <a href="https://github.com/dwmetz/MalChela" rel="nofollow noopener" translate="no" target="_blank">https://github.com/dwmetz/MalChela</a>Blog: <a href="https://bakerstreetforensics.com" rel="nofollow noopener" translate="no" target="_blank">https://bakerstreetforensics.com</a>

Benjamin Carr, Ph.D. 👨🏻‍💻🧬<a href="https://hachyderm.io/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE</a> fallout: The splintering of the standard <a href="https://hachyderm.io/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a> tracking system has begun Earlier this week, CVE program faced doom as the <a href="https://hachyderm.io/tags/US" class="mention hashtag" rel="nofollow noopener" target="_blank">#US</a> <a href="https://hachyderm.io/tags/government" class="mention hashtag" rel="nofollow noopener" target="_blank">#government</a> discontinued funding for <a href="https://hachyderm.io/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#MITRE</a>, the non-profit that operates the program. Uncle Sam U-turned at the very last minute. Meanwhile, the <a href="https://hachyderm.io/tags/EU" class="mention hashtag" rel="nofollow noopener" target="_blank">#EU</a> is rolling its own. <a href="https://hachyderm.io/tags/EuropeanUnion" class="mention hashtag" rel="nofollow noopener" target="_blank">#EuropeanUnion</a> Agency for <a href="https://hachyderm.io/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cybersecurity</a> (<a href="https://hachyderm.io/tags/ENISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#ENISA</a>) developed and maintains this alternative, which is known as the <a href="https://hachyderm.io/tags/EUVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#EUVD</a>, or the European Union Vulnerability Database. <a href="https://www.theregister.com/2025/04/18/splintering_cve_bug_tracking/" rel="nofollow noopener" translate="no" target="_blank">https://www.theregister.com/2025/04/18/splintering_cve_bug_tracking/</a>

Marcus "MajorLinux" SummersSaved at the final hour!Security Database Used by Apple Goes Independent After Funding Cut [Updated] <a href="https://www.macrumors.com/2025/04/16/security-database-used-apple-goes-independent/" rel="nofollow noopener" translate="no" target="_blank">https://www.macrumors.com/2025/04/16/security-database-used-apple-goes-independent/</a><a href="https://toot.majorshouse.com/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://toot.majorshouse.com/tags/Apple" class="mention hashtag" rel="nofollow noopener" target="_blank">#Apple</a> <a href="https://toot.majorshouse.com/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE</a> <a href="https://toot.majorshouse.com/tags/Mitre" class="mention hashtag" rel="nofollow noopener" target="_blank">#Mitre</a> <a href="https://toot.majorshouse.com/tags/Funding" class="mention hashtag" rel="nofollow noopener" target="_blank">#Funding</a> <a href="https://toot.majorshouse.com/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a> <a href="https://toot.majorshouse.com/tags/Tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#Tech</a>

Prof. Dr. Dennis-Kenji KipkerNach dem gestrigen Schock und der drohenden CVE-Abschaltung hat die US-Regierung die Finanzierungsvereinbarung mit der <a href="https://chaos.social/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#MITRE</a> Corporation im so ziemlich letzten Moment verlängert.Im Nachgang an den gestrigen Tag ergeben sich durchaus Parallelen zur bisherigen Trump'schen Salamitaktik in Fragen der nationalen Digitalregulierung mit außenpolitischer Relevanz.Viel deutlicher als gestern konnte der Weckruf für die EU wohl nicht sein, eigene Wege zu finden und zu gehen.<a href="https://www.heise.de/news/Nach-drohendem-CVE-Aus-Schwachstellendatenbank-der-EU-geht-an-den-Start-10354324.html" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/news/Nach-drohendem-CVE-Aus-Schwachstellendatenbank-der-EU-geht-an-den-Start-10354324.html</a>

Joe OrtizIn the very last minute, CISA extends funding to ensure 'no lapse in critical CVE services' for the next 11 months. Potential catastrophe of epic proportions averted....for now.<a href="https://www.bleepingcomputer.com/news/security/cisa-extends-funding-to-ensure-no-lapse-in-critical-cve-services/" rel="nofollow noopener" target="_blank">https://www.bleepingcomputer.com/news/security/cisa-extends-funding-to-ensure-no-lapse-in-critical-cve-services/</a><a href="https://mastodon.sdf.org/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#cve</a> <a href="https://mastodon.sdf.org/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://mastodon.sdf.org/tags/mitre" class="mention hashtag" rel="nofollow noopener" target="_blank">#mitre</a> <a href="https://mastodon.sdf.org/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://mastodon.sdf.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://mastodon.sdf.org/tags/cisa" class="mention hashtag" rel="nofollow noopener" target="_blank">#cisa</a>

Manuel 'HonkHase' Atug<a href="https://chaos.social/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE</a>-Aus abgewendet, <a href="https://chaos.social/tags/Schwachstellendatenbank" class="mention hashtag" rel="nofollow noopener" target="_blank">#Schwachstellendatenbank</a> der <a href="https://chaos.social/tags/EU" class="mention hashtag" rel="nofollow noopener" target="_blank">#EU</a> geht an den Start"Entscheidung in letzter Minute - offenbar geht der Vertrag zwischen <a href="https://chaos.social/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#CISA</a> und <a href="https://chaos.social/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#MITRE</a> in die Verlängerung. Mehrere Initiativen präsentieren derweil Alternativen. Die US-Cybersicherheitsbehörde CISA hat den Vertrag mit der MITRE Corporation, Betreiberin der CVE-Datenbank, offenbar in allerletzter Sekunde verlängert..." <a href="https://www.heise.de/news/Nach-drohendem-CVE-Aus-Schwachstellendatenbank-der-EU-geht-an-den-Start-10354324.html" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/news/Nach-drohendem-CVE-Aus-Schwachstellendatenbank-der-EU-geht-an-den-Start-10354324.html</a>

Nick EspinosaWhy The CVE Database Is Beyond Important To Cybersecurity and the World. Note: check out the video for a presentation on this one!Edit: Funding has been extended for a while but this is still a critical issue. It's clear that no single source should be funding this critical project.<a href="https://mastodon.social/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#News</a> <a href="https://mastodon.social/tags/TechNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#TechNews</a> <a href="https://mastodon.social/tags/MITRE" class="mention hashtag" rel="nofollow noopener" target="_blank">#MITRE</a> <a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE</a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cybersecurity</a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#Vulnerability</a> <a href="https://mastodon.social/tags/USA" class="mention hashtag" rel="nofollow noopener" target="_blank">#USA</a><a href="https://youtu.be/-psdhAJINXc" rel="nofollow noopener" translate="no" target="_blank">https://youtu.be/-psdhAJINXc</a>

Recent searches

Search options

Administered by:

Server stats:

#mitre