Tag: nist
-
NIST Unveils Plan to Restore National Vulnerability Database
Agency Awards Contract for Additional Staffing to Cope With Massive Backlog of CVEs. The U.S. National Institute of Standards and Technology announced… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/nist-unveils-plan-to-restore-national-vulnerability-database-a-25366
-
NVD cutbacks hamper NIST’s vulnerability analysis
First seen on scmagazine.com Jump to article: www.scmagazine.com/brief/nvd-cutbacks-hamper-nists-vulnerability-analysis
-
NIST Struggles with NVD Backlog as 93% of Flaws Remain Unanalyzed
The funding cutbacks announced in February have continued to hobble NIST’s ability to keep the government’s National Vulnerabilities Database (NVD) up… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/nist-struggles-with-nvd-backlog-as-93-of-flaws-remain-unanalyzed/
-
NVD Leaves Exploited Vulnerabilities Unchecked
Over half of CISA’s known exploited vulnerabilities disclosed since February 2024 have not yet been analyzed by NIST’s National Vulnerability Database… First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/nvd-exploited-vulnerabilities/
-
The evolution of security metrics for NIST CSF 2.0
CISOs have long been spreadsheet aficionados, soaking up metrics and using them as KPIs for security progress. These metrics have traditionally measur… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/05/28/cisos-security-metrics-nist-csf-2-0/
-
Get on Cybersecurity Certification Track With $145 Off These Courses
This $50 bundle can get you five courses to enable you to earn CompTIA, NIST and more leading cybersecurity certifications that will help you build a … First seen on techrepublic.com Jump to article: www.techrepublic.com/article/complete-cyber-security-expert-certification-training-bundle/
-
NIST Confusion Continues as Cyber Pros Complain CVE Uploads Stalled
Several software security experts have told Infosecurity that no new vulnerabilities have been added to the US National Vulnerability Database (NVD) s… First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/nist-cve-stop-questioned/
-
What is a POAM
If you’re a defense contractor and need to comply with NIST 800-171, then you need to know about System Security Plans (SSPs) and Plans of Actions … First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/05/what-is-a-poam/
-
Nur NIST P-521 betroffen: PuTTY-Lücke kompromittiert private SSH-Schlüssel
Tags: nistBereits seit sieben Jahren schlummert die Lücke im freien Terminalclient PuTTY. Angreifer müssen jedoch einige Hürden nehmen, um SSH-Schlüssel zu klau… First seen on heise.de Jump to article: www.heise.de/news/Nur-NIST-P-521-betroffen-PuTTY-Luecke-kompromittiert-private-SSH-Schluessel-9687539.html
-
NIST Cybersecurity Framework: A Cheat Sheet for Professionals (Free PDF)
The tech world has a problem: Security fragmentation. There’s no standard set of rules or even language for mitigating cyber risk used to address the … First seen on techrepublic.com Jump to article: www.techrepublic.com/resource-library/downloads/nist-cybersecurity-framework-a-cheat-sheet-for-professionals-free-pdf/
-
CISO Corner: Breaking Staff Burnout, GPT-4 Exploits, Rebalancing NIST
First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/ciso-corner-gpt-4-exploits-breaking-staff-burnout-rebalancing-nist
-
Sicherheitslücke in Putty: Rekonstruktion privater ECDSA-Schlüssel möglich
Angreifer können mit Putty verwendete Nist-P521-basierte Private Keys rekonstruieren. Auch andere Tools wie Filezilla, WinSCP und Tortoisegit sind anf… First seen on golem.de Jump to article: www.golem.de/news/sicherheitsluecke-in-putty-rekonstruktion-privater-ecdsa-schluessel-moeglich-2404-184208.html
-
Rebalancing NIST: Why ‘Recovery’ Can’t Stand Alone
Tags: nistFirst seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/rebalancing-nist-why-recovery-cant-stand-alone
-
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
The National Institute of Standards and Technology’s updated Cybersecurity Framework 2.0 can help healthcare organizations better formalize their gove… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/how-nist-csf-20-help-healthcare-sector-firms-i-5369
-
PuTTY vulnerability can be exploited to recover private keys (CVE-2024-31497)
A vulnerability (CVE-2024-31497) in PuTTY, a popular SSH and Telnet client, could allow attackers to recover NIST P-521 client keys due to the >>heavi… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/04/16/cve-2024-31497/
-
Cybersecurity Pros Urge US Congress to Help NIST Restore NVD Operation
An open letter signed by 50 cybersecurity practitioners requires the US Congress to support NIST in restoring operations at the National Vulnerability… First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/open-letter-nist-restore-nvd/
-
NIST CSF: A Fellowship for Your Cybersecurity Journey to 2.0
By Samuel Lewis, Senior Security Consultant The National Institute of Standards and Technology (NIST) released version 2.0 of the Cybersecurity Fram… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/04/nist-csf-a-fellowship-for-your-cybersecurity-journey-to-2-0/
-
NIST Wants Help Digging Out of Its NVD Backlog
First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/nist-needs-help-digging-out-of-its-vulnerability-backlog
-
NIST Artificial Intelligence Risk Management Framework (AI RMF 1.0)
First seen on thesecurityblogger.com Jump to article: www.thesecurityblogger.com/nist-artificial-intelligence-risk-management-framework-ai-rmf-1-0/
-
NIST Grants $3.6 Million to Boost US Cybersecurity Workforce
NIST announced $3.6 million in grants for 18 education and community organizations to build the future cybersecurity workforce. The post ounced $3.6 m… First seen on securityweek.com Jump to article: www.securityweek.com/nist-grants-3-6-million-to-boost-us-cybersecurity-workforce/
-
NIST is working on longer-term solutions
The recent conspicuous faltering of the National Vulnerability Database (NVD) is >>based on a variety of factors, including an increase in software an… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/04/03/nvd-nist-support-solutions/
-
Sicherheitslückendatenbank NVD: NIST sucht den Ausweg aus Analyserückstand
First seen on heise.de Jump to article: www.heise.de/news/Sicherheitslueckendatenbank-NVD-NIST-sucht-den-Ausweg-aus-Analyserueckstand-9673988.html
-
NIST’s backlog of vulnerability analysis blamed on lack of support
First seen on scmagazine.com Jump to article: www.scmagazine.com/news/nists-backlog-of-vulnerability-analysis-blamed-on-lack-of-support
-
CVE and NVD A Weak and Fractured Source of Vulnerability Truth
MITRE is unable to compile a list of all new vulnerabilities, and NIST is unable to subsequently, and consequently, provide an enriched database of al… First seen on securityweek.com Jump to article: www.securityweek.com/cve-and-nvd-a-weak-and-fractured-source-of-vulnerability-truth/
-
NIST Proposes Public-Private Group to Help with NVD Backlog
An embattled National Institute of Standards and Technology (NIST), hobbled by budget cuts, is looking for more help from both inside and outside the … First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/04/nist-proposes-public-private-group-to-help-with-nvd-backlog/
-
Continuous Monitoring and Frameworks: A Web of Security Vigilance
This blog delves into how continuous monitoring enhances the effectiveness of security frameworks, like ISO 27001, NIST CSF and SOC 2. The post g delv… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/04/continuous-monitoring-and-frameworks-a-web-of-security-vigilance/
-
NIST Unveils New Consortium to Operate National Vulnerability Database
First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/nist-unveils-new-nvd-consortium/
-
NIST’s Vuln Database Downshifts, Prompting Questions About Its Future
Tags: nistFirst seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/nist-vuln-database-downshifts-prompting-questions-about-its-future
-
NIST NVD Under Construction
In recent weeks, NIST’s National Vulnerability Database (NVD) has been experiencing a slowdown. Since February 15, 2024, a prominent notice has adorne… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/03/nist-nvd-under-construction/
-
Update Delays To NIST Vulnerability DB Alarms Researchers
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/35669/Update-Delays-To-NIST-Vulnerability-DB-Alarms-Researchers.html