Released March 01, 2023 Since the Cybersecurity and Infrastructure Security Agency (CISA) announced its first edition of Best Practices for MITRE ATT&CK® Mapping nearly two years ago, the ATT&CK framework has evolved, expanded, and improved its ability to support more than just optimized cyber threat intelligence to the cybersecurity community…

Cisco updates endpoint, cloud, and web security products to address a critical vulnerability in third-party scanning library ClamAV. Cisco on Wednesday announced updates for endpoint, cloud, and web security products to address a critical vulnerability in third-party scanning library ClamAV. An open-source cross-platform antimalware toolkit, ClamAV can detect trojans, viruses…

MITRE released the Cyber Resiliency Engineering Framework (CREF) Navigator — a free, visualization tool that allows organizations to customize their cyber resiliency goals, objectives, techniques, as aligned with NIST SP 800–160, Volume 2 (Rev. 1), National Institute of Standards and Technology’s (NIST) publication on developing cyber-resilient systems. “Resiliency is the ultimate goal of cybersecurity,” said Wen Masters, VP, cyber technologies, MITRE. “Information and communications systems and those who depend on them must be resilient in the face of persistent, stealthy, and sophisticated cyber-attacks. …

Microsoft today released updates to fix nearly 100 security flaws in its Windows operating systems and other software. Highlights from the first Patch Tuesday of 2023 include a zero-day vulnerability in Windows, printer software flaws reported by the U.S. …