Other News.

MITRE ATT&CK Blog:

• What Comes After Detection Rules? Smarter Detection Strategies in ATT&CK
• ATT&CK v17: New Platform (ESXi), Collection Optimization, & More Countermeasures
• v16 Cloud Rebalancing, Analytics,
• Introducing TAXII 2.1 and a fond farewell to the TAXII 2.0 Server
• ATT&CK v15 Brings the Action

The Hacker News:

• Microsoft August 2025 Patch Tuesday Fixes Kerberos Zero-Day Among 111 Total New Flaws
• Charon Ransomware Hits Middle East Sectors Using APT-Level Evasion Tactics
• Researchers Spot XZ Utils Backdoor in Dozens of Docker Hub Images, Fueling Supply Chain Risks
• Fortinet SSL VPNs Hit by Global Brute-Force Wave Before Attackers Shift to FortiManager
• Cybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on Businesses

SANS Internet Storm Center:

• Infocon: green
• CVE-2017-11882 Will Never Die, (Wed, Aug 13th)
• ISC Stormcast For Wednesday, August 13th, 2025 https://isc.sans.edu/podcastdetail/9568, (Wed, Aug 13th)
• Microsoft August 2025 Patch Tuesday, (Tue, Aug 12th)
• ISC Stormcast For Tuesday, August 12th, 2025 https://isc.sans.edu/podcastdetail/9566, (Tue, Aug 12th)

Threat Research:

• Sophos AI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job
• Shared secret: EDR killer in the kill chain
• GOLD BLADE remote DLL sideloading attack deploys RedLoader
• Small world: The revitalization of small AI models for cybersecurity
• SharePoint ‘ToolShell’ vulnerabilities being exploited in the wild

NVD (National Vulnerability Database):

• CVE-2023-36409
• CVE-2023-36769
• CVE-2023-47004
• CVE-2023-45556
• CVE-2023-5605