Tag: nist
-
NIST releases open-source platform for AI safety testing
First seen on scmagazine.com Jump to article: www.scmagazine.com/news/nist-releases-open-source-platform-for-ai-safety-testing
-
NIST Unveils New AI Model Risk Testing Tool
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/nist-unveils-new-ai-model-risk-testing-tool
-
Firmware, Supply Chain, and Frameworks NIST SP 800-53
NIST Special Publication 800-53 rev 5, Security and Privacy Controls for Information Systems and Organizations, is one of the most important and influ… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/firmware-supply-chain-and-frameworks-nist-sp-800-53/
-
Preparing for Q-Day as NIST nears approval of PQC standards
Q-Day, the day when a cryptographically relevant quantum computer can break most forms of modern encryption, is fast approaching, leaving the complex … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/01/pqc-standardization/
-
93% of vulnerabilities unanalyzed by NVD since February
New research from VulnCheck shows the NIST’s National Vulnerability Database has struggled to manage a growing number of reported vulnerabilities this… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366586172/93-of-vulnerabilities-unanalyzed-by-NVD-since-February
-
Cyber Trust Mark: The Impacts and Incentives of Early Adoption
The Cyber Trust Mark is a labeling initiative for consumer IoT devices in the United States that builds on work undertaken by the FCC and NIST, establ… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/cyber-trust-mark-the-impacts-and-incentives-of-early-adoption/
-
Catching Up on Innovation With NIST CSF 2.0
First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/catching-up-on-innovation-with-nist-csf-2-0
-
NIST turns to IT consultants to clear National Vulnerability Database backlog
First seen on theregister.com Jump to article: www.theregister.com/2024/06/03/nist_cve_backlog/
-
NIST Publishes Draft OT Cybersecurity Guide for Water Sector
Agency Seeks Feedback on OT Security Reference Guide for Water, Wastewater Sectors. The U.S. National Institute of Standards and Technology wants publ… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/nist-publishes-draft-ot-cybersecurity-guide-for-water-sector-a-25505
-
NVD-Schwachstellendatenbank: NIST verpflichtet Unternehmen zur Mithilfe
First seen on heise.de Jump to article: www.heise.de/news/NVD-Schwachstellendatenbank-NIST-verpflichtet-Unternehmen-zur-Mithilfe-9756078.html
-
NIST Commits to Plan to Resume NVD Work
The agency aims to burn down the backlog of vulnerabilities waiting to be added to the National Vulnerabilities Database via additional funding, third… First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/nist-commits-to-plan-resume-nvd-work
-
NIST Turns To IT Consultants To Clear National Vulnerability Database
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35957/NIST-Turns-To-IT-Consultants-To-Clear-National-Vulnerability-Database.html
-
Week in review: Attackers trying to access Check Point VPNs, NIST CSF 2.0 security metrics evolution
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: RansomLord: Open-source anti-ransomware exploit tool… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/06/02/week-in-review-attackers-trying-to-access-check-point-vpns-nist-csf-2-0-security-metrics-evolution/
-
NIST Commits to Vulnerability Plan, But Researchers’ Concerns Remain
The agency aims to burn down the backlog of vulnerabilities that need enrichment using additional funding and a third-party contract, but what’s the l… First seen on darkreading.com Jump to article: www.darkreading.com/application-security/nist-commits-to-vulnerability-plan-but-researchers-concerns-remain
-
In Other News: Apple WPS Surveillance, Canadian Gov Wants Backdoors, NIST AI Program
Noteworthy stories that might have slipped under the radar: Apple WPS can be abused for surveillance, Canadian government wants backdoors, NIST launch… First seen on securityweek.com Jump to article: www.securityweek.com/in-other-news-apple-wps-surveillance-canadian-gov-wants-backdoors-nist-ai-program/
-
Comprehensive Guide to NIST SP 800-171 Revision 3 Compliance
Few documents carry as much weight as the NIST Special Publication (SP) 800-171. Designed to safeguard sensitive information within non-federal system… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/06/comprehensive-guide-to-nist-sp-800-171-revision-3-compliance/
-
NIST says NVD will be back on track by September 2024
The National Institute of Standards and Technology (NIST) has awarded a contract for an unnamed company/organization to help them process incoming Com… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/05/30/nist-nvd-back-on-track/
-
NIST unveils ARIA to evaluate and verify AI capabilities, impacts
The National Institute of Standards and Technology (NIST) is launching a new testing, evaluation, validation and verification (TEVV) program intended … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/05/30/nist-aria/
-
New vendor to help address vulnerability database backlog
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/nist-new-vendor-to-help-address-vulnerability-database-backlog
-
Zoom Adopts NIST-Approved Post-Quantum EndEnd Encryption for Meetings
Popular enterprise services provider Zoom has announced the rollout of post-quantum end-to-end encryption (E2EE) for Zoom Meetings, with support for Z… First seen on thehackernews.com Jump to article: thehackernews.com/2024/05/zoom-adopts-nist-approved-post-quantum.html
-
NIST Getting Outside Help for National Vulnerability Database
NIST is receiving support to get the NVD and CVE processing back on track within the next few months. The post receiving support to get the NVD and CV… First seen on securityweek.com Jump to article: www.securityweek.com/nist-getting-outside-help-for-national-vulnerability-database/
-
NIST Unveils Plan to Restore National Vulnerability Database
Agency Awards Contract for Additional Staffing to Cope With Massive Backlog of CVEs. The U.S. National Institute of Standards and Technology announced… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/nist-unveils-plan-to-restore-national-vulnerability-database-a-25366
-
NVD cutbacks hamper NIST’s vulnerability analysis
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/nvd-cutbacks-hamper-nists-vulnerability-analysis
-
NIST Struggles with NVD Backlog as 93% of Flaws Remain Unanalyzed
The funding cutbacks announced in February have continued to hobble NIST’s ability to keep the government’s National Vulnerabilities Database (NVD) up… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/nist-struggles-with-nvd-backlog-as-93-of-flaws-remain-unanalyzed/
-
NVD Leaves Exploited Vulnerabilities Unchecked
Over half of CISA’s known exploited vulnerabilities disclosed since February 2024 have not yet been analyzed by NIST’s National Vulnerability Database… First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/nvd-exploited-vulnerabilities/
-
The evolution of security metrics for NIST CSF 2.0
CISOs have long been spreadsheet aficionados, soaking up metrics and using them as KPIs for security progress. These metrics have traditionally measur… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/05/28/cisos-security-metrics-nist-csf-2-0/
-
Get on Cybersecurity Certification Track With $145 Off These Courses
This $50 bundle can get you five courses to enable you to earn CompTIA, NIST and more leading cybersecurity certifications that will help you build a … First seen on techrepublic.com Jump to article: www.techrepublic.com/article/complete-cyber-security-expert-certification-training-bundle/
-
NIST Confusion Continues as Cyber Pros Complain CVE Uploads Stalled
Several software security experts have told Infosecurity that no new vulnerabilities have been added to the US National Vulnerability Database (NVD) s… First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/nist-cve-stop-questioned/
-
What is a POAM
If you’re a defense contractor and need to comply with NIST 800-171, then you need to know about System Security Plans (SSPs) and Plans of Actions … First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/what-is-a-poam/
-
Nur NIST P-521 betroffen: PuTTY-Lücke kompromittiert private SSH-Schlüssel
Tags: nistBereits seit sieben Jahren schlummert die Lücke im freien Terminalclient PuTTY. Angreifer müssen jedoch einige Hürden nehmen, um SSH-Schlüssel zu klau… First seen on heise.de Jump to article: www.heise.de/news/Nur-NIST-P-521-betroffen-PuTTY-Luecke-kompromittiert-private-SSH-Schluessel-9687539.html