February 27, 2024
Via: The RegisterAfter ten years operating under the original model, and two years working to revise it, the National Institute of Standards and Technology (NIST) has released version 2.0 of its Cybersecurity Framework (CSF). Unlike the original, which was designed with critical […]
September 18, 2023
Via: The RegisterLast October, Pennsylvania State University (Penn State) was sued by a former chief information officer for allegedly falsifying government security compliance reports. The lawsuit, recently unsealed, is a qui tam complaint (in Latin “who as well,”) meaning it was filed […]
Threats & Malware, Virus & Malware
June 12, 2023
Via: The Hacker NewsThe term “attack surface management” (ASM) went from unknown to ubiquitous in the cybersecurity space over the past few years. Gartner and Forrester have both highlighted the importance of ASM recently, multiple solution providers have emerged in the space, and […]
Threats & Malware, Vulnerabilities
May 3, 2023
Via: The Hacker NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released an Industrial Control Systems (ICS) advisory about a critical flaw affecting ME RTU remote terminal units. The security vulnerability, tracked as CVE-2023-2131, has received the highest severity rating of […]
August 11, 2021
Via: Help Net SecurityIn this interview with Help Net Security, Amanda L. Joyce, Group Leader, Strategic Cybersecurity Analysis & Research, Argonne National Laboratory, offers her unique perspective on the modern information security landscape. What are the most important takeaways from your decade of […]
July 23, 2021
Via: Help Net SecurityIn response to the 62% global increase in ransomware since 2019 (158% increase in North America) and over 40% of manufacturing firms suffering a cyberattack last year, Onclave Networks recommends manufacturers adopt zero trust architecture and security guidelines as supported […]
July 29, 2020
Via: Threat PostFace masks not only have shown in research to slow the spread of COVID-19, they also deter facial-recognition technology from correctly identifying people, according to a new study. New research from the National Institute of Standards and Technology (NIST) found […]
March 7, 2019
Via: Threat PostData privacy has been thrust into the limelight with the passage of the General Data Protection Regulation in Europe last year and a string of high-profile consumer privacy snafus. The National Institute of Standards and Technology has plans to help […]
November 6, 2018
Via: Security AffairsThe National Institute of Standards and Technology (NIST) is planning to use Artificial Intelligence to assign the CVSS scores to reported vulnerabilities. The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information security vulnerabilities and exposures. […]
August 20, 2018
Via: Hot for SecurityUS president Donald Trump signed the NIST Small Business Cybersecurity Act last week, a law that will help small businesses with resources to fend off cyberattacks, as part of a comprehensive governmental strategy to improve cybersecurity. The act was written […]
March 2, 2017
Via: DataBreach TodayLegislation calling on the National Institute of Standards and Technology to develop outcome metrics to demonstrate the effectiveness of the NIST Cybersecurity Framework is scheduled to be considered – and likely amended – at a markup session of the House […]
February 23, 2017
Via: Hot for SecurityUS federal entities are trying to help energy companies improve their security strategies after a series of hacks of US companies intensified concern. The attacks followed one last year that lead to a blackout in Kiev and attacks in 2015 […]
January 18, 2017
Via: DataBreach TodayThe National Institute of Standards and Technology has published a draft of its first revision to its cybersecurity framework, describing it as an update, not a major overhaul. “Just to be clear, we’re not headed toward a version 2.0 right […]
December 8, 2016
Via: Hot for SecurityTwo-factor authentication (2FA), also known as multi-factor authentication, might not be enough, the US National Institute of Standards and Technology (NIST) has repeatedly warned us this year. Meant to provide an extra layer of security by sending a code to […]
Access control, Privacy protection
July 26, 2016
Via: Hot for SecurityThe National Institute for Standards and Technology (NIST) has released a Digital Authentication Guideline draft proposing that all services abandon SMS-based two-factor authentication and use tokens and software cryptographic authenticators. Because messages can be redirected to a VoIP service and […]
Editorial, Network security, Vulnerabilities
January 28, 2016
Via: Russel EdwardsSCADA stands for Supervisory Control and Data Acquisition, being the consecrated denomination since the 70s for the remote monitoring and control activities necessary in modern industrial activities. A subcategory of the general ICS (Industrial Control Systems), SCADA systems gained importance […]
October 7, 2015
Via: phishingThe National Institute of Standards and Technology (#nist) has published a draft document for comment, in order to tackle two main threats to email services: #phishing Leaking confidential information NIST says that “In phishing, hackers use forged emails to trick […]