NIST's New Post-Quantum Cryptography Standards Announced

NIST's New Post-Quantum Cryptography Standards Announced

The U.S. National Institute of Standards and Technology this week unveiled three encryption algorithms designed to resist cyberattacks, which industry observers said are a positive step toward preventing cyberattacks that break current encryption methods. The Federal Information Processing Standard (FIPS) 203, 204, and 205 provide standards for general encryption and protecting digital signatures. They were derived from multiple submissions in NIST’s post-quantum cryptography standardization project. Quantum computers are rapidly increasing the ability for high-performance computing,…

Read More

How the NIST Cybersecurity Framework 2.0 helps protect businesses

How the NIST Cybersecurity Framework 2.0 helps protect businesses

Earlier this year, the U.S. National Institute of Standards and Technology (NIST) released version 2.0 of its Cybersecurity Framework or “CSF.” The NIST CSF has been pivotal in helping medium-sized organizations navigate the increasingly complex cybersecurity landscape. For those enterprises that are too large to be called “small” yet often struggle to find the budget and internal IT security resources available to large enterprises, the CSF offers a robust cyber defense mechanism for safeguarding any…

Read More

Microsoft Patched 6 Actively Exploited Zero-Day Flaws

Microsoft Patched 6 Actively Exploited Zero-Day Flaws

Patch Tuesday, Microsoft’s monthly report of security updates, brought 90 CVEs, including some vulnerabilities that were being actively exploited. Some vulnerabilities originated in Chromium, meaning both Microsoft Edge and Google Chrome may have been affected. Here are the most critical flaws and patches disclosed by Microsoft on Aug. 13. Six zero-day flaws had been exploited Threat actors had already taken advantage of six zero-day exploits in particular: CVE-2024-38106: an elevation of privilege vulnerability in the…

Read More

Understanding the impact of the NIST NVD backlog on MSPs

Understanding the impact of the NIST NVD backlog on MSPs

Since February 2024, the National Institute of Standards and Technology’s (NIST) National Vulnerability Database (NVD) has encountered delays in processing vulnerabilities. This backlog, caused by factors such as software proliferation, budget cuts and changes in support, has significant implications for managed service providers (MSPs). Budget cuts and increased vulnerabilities NIST, an agency within the United States Commerce Department, saw its budget cut by nearly 12% this year. For over 20 years, the NVD has been…

Read More

Get on Cybersecurity Certification Track With These Courses

Get on Cybersecurity Certification Track With These Courses

TL;DR: Dive into the world of cybersecurity with The Complete 2024 Cyber Security Expert Certification Training Bundle, now just $49.99 (reg. $195). As the world gets more and more online, cybersecurity threats become more and more complex and challenging to navigate. There’s a massive demand for cybersecurity experts, and if you’re interested in pursuing a lucrative new career or bringing a necessary business cost in-house, The Complete 2024 Cyber Security Expert Certification Training Bundle can…

Read More

BeyondTrust Report: Microsoft Security Vulnerabilities Decreased by 5% in 2023

BeyondTrust Report: Microsoft Security Vulnerabilities Decreased by 5% in 2023

The number of Microsoft vulnerabilities has mostly flattened in 2023, with elevation of privilege and identity attacks being particularly common, according to BeyondTrust’s annual Microsoft Vulnerabilities report. Identity and access management solutions company BeyondTrust studied the most significant CVEs of 2023 and Microsoft vulnerability data from Microsoft’s monthly Patch Tuesday bulletins. The report includes vulnerability trends and tips about how to reduce identity attacks. Microsoft reported 1,228 vulnerabilities in 2023 The total number of Microsoft…

Read More

NIST Cybersecurity Framework: A Cheat Sheet for Professionals

NIST Cybersecurity Framework: A Cheat Sheet for Professionals

The National Institute of Standards and Technology has updated its Cybersecurity Framework for 2024. Version 2.0 of the NIST CSF, the first major update since the framework was released a decade ago, was created with the goal of expanding the primary audience from critical infrastructure to all organizations. In general, the NIST CSF aims to standardize practices to ensure uniform protection of all U.S. cyber assets. TechRepublic’s cheat sheet about the NIST CSF is an…

Read More

Develop Advanced Cybersecurity Skills for Just $80

Develop Advanced Cybersecurity Skills for Just

TL;DR: Develop the skills you need to advance in the lucrative cybersecurity field with The 2023 Ultimate Advanced CyberSecurity Professional Certification Bundle — it’s currently on sale for just $80. You now have the opportunity to develop advanced cybersecurity skills at your own pace with The 2023 Ultimate Advanced CyberSecurity Professional Certification Bundle. Best of all, it’s on sale right now for only $79.99 at TechRepublic Academy. Cyber attacks are on the rise, according to…

Read More

NIST Establishes AI Safety Consortium

NIST Establishes AI Safety Consortium

Image: Adobe/Grandbrothers The National Institute of Standards and Technology established the AI Safety Institute on Feb. 7 to determine guidelines and standards for AI measurement and policy. U.S. AI companies and companies that do business in the U.S. will be affected by those guidelines and standards and may have the opportunity to have input about them. What is the U.S. AI Safety Institute consortium? The U.S. AI Safety Institute is a joint public and private…

Read More

White House Executive Order on AI Provides Guidelines for AI Privacy and Safety

White House Executive Order on AI Provides Guidelines for AI Privacy and Safety

The Biden administration directed government organizations, including NIST, to encourage responsible and innovative use of generative AI. Image: Maksym Yemelyanov/Adobe Stock Today, U.S. President Joe Biden released an executive order on the use and regulation of artificial intelligence. The executive order features wide-ranging guidance on maintaining safety, civil rights and privacy within government agencies while promoting AI innovation and competition throughout the U.S. Although the executive order doesn’t specify generative artificial intelligence, it was likely…

Read More
1 2