Lucene search
K

73 matches found

Schneier on Security
Schneier on Security
added 2025/06/06 5:43 p.m.13 views

Hearing on the Federal Government and AI

On Thursday I testified before the House Committee on Oversight and Government Reform at a hearing titled "The Federal Government in the Age of Artificial Intelligence." The other speakers mostly talked about how cool AI was--and sometimes about how cool their own company was--but I was asked by...

7.2AI score
Exploits0
Talos Blog
Talos Blog
added 2024/05/09 6:0 p.m.40 views

A new alert system from CISA seems to be effective — now we just need companies to sign up

One of the great cybersecurity challenges organizations currently face, especially smaller ones, is that they dont know what they dont know. Its tough to have your eyes on everything all the time, especially with so many pieces of software running and IoT devices extending the reach of networks...

9.8CVSS8.9AI score0.63076EPSS
Exploits2
Talos Blog
Talos Blog
added 2024/04/25 6:0 p.m.38 views

The private sector probably isn’t coming to save the NVD

I wrote last week about the problems arising from the massive backlog of vulnerabilities at the U.S. National Vulnerability Database. Thousands of CVEs are still without analysis data, and the once-reliable database of every single vulnerability thats disclosed and/or patched is now so far behind...

4.3CVSS7.3AI score0.14949EPSS
Exploits0
Schneier on Security
Schneier on Security
added 2024/02/28 12:2 p.m.17 views

A Cyber Insurance Backstop

In the first week of January, the pharmaceutical giant Merck quietly settled its years-long lawsuit over whether or not its property and casualty insurers would cover a $700 million claim filed after the devastating NotPetya cyberattack in 2017. The malware ultimately infected more than 40,000 of...

7.1AI score
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2023/11/20 9:38 p.m.20 views

Navigating the AI security landscape: The federal push for responsible AI adoption

This blog post discusses the U.S. government's commitment to responsible AI through the Executive Order and proposed legislation, outlines key provisions for AI risk management, highlights efforts to strengthen federal AI governance, and emphasizes Coalfire's role in promoting responsible AI...

7.5AI score
Exploits0
CISA
CISA
added 2023/11/16 12:0 p.m.7 views

CISA Requests Comment on Draft Secure Software Development Attestation Form

CISA has opened a 30-day Federal Register notice to receive public comment on the draft Secure Software Development Attestation Form. CISA developed this form in coordination with the Office of Management and Budget. With the Secure Software Development Attestation Form, federal departments and...

7AI score
Exploits0References3
CISA
CISA
added 2023/09/12 12:0 p.m.6 views

CISA Releases its Open Source Software Security Roadmap

Today, CISA released an Open Source Software Security Roadmap to lay out—in alignment with the National Cybersecurity Strategy and the CISA Cybersecurity Strategic Plan—how we will partner with federal agencies, open source software OSS consumers, and the OSS community, to secure OSS...

7.3AI score
Exploits0References3
Malwarebytes
Malwarebytes
added 2023/06/19 3:0 p.m.14 views

US dangles $10 million reward for information about Cl0p ransomware gang

The US Department of States national security rewards program, Rewards for Justice RFJ, is offering a reward of up to $10 million for information linking the Cl0p ransomware gang, or any other malicious cyber actors targeting US critical infrastructure, to a foreign government. Advisory from...

6.8AI score
Exploits0
Qualys Blog
Qualys Blog
added 2023/05/10 7:11 p.m.16 views

Adopting an Effective and Easy To Implement Zero Trust Architecture

Security professionals employed by a federal agency, supplier, or regulated private sector firm are often challenged by long lists of required cybersecurity rules that can seem endless and unchanging. White House Executive Orders, FedRAMP requirements, CISA Binding Operational Directives, NIST...

6.7AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2023/05/02 12:0 a.m.11 views

To Keep Up With Cybersecurity Laws, Go 'Federal First'

With new cybersecurity laws and regulations rolling out, the best way to maintain broad compliance is to align with the most stringent frameworks. In the U.S., that means taking a ‘federal first’ approach—conforming to the highest security requirements of the United States federal government...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/28 8:55 a.m.31 views

President Biden Signs Executive Order Restricting Use of Commercial Spyware

U.S. President Joe Biden on Monday signed an executive order that restricts the use of commercial spyware by federal government agencies. The order said the spyware ecosystem "poses significant counterintelligence or security risks to the United States Government or significant risks of improper...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/28 8:55 a.m.4 views

President Biden Signs Executive Order Restricting Use of Commercial Spyware

U.S. President Joe Biden on Monday signed an executive order that restricts the use of commercial spyware by federal government agencies. The order said the spyware ecosystem "poses significant counterintelligence or security risks to the United States Government or significant risks of improper...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2022/12/16 7:39 a.m.30 views

Goodbye SHA-1: NIST Retires 27-Year-Old Widely Used Cryptographic Algorithm

The U.S. National Institute of Standards and Technology NIST, an agency within the Department of Commerce, announced Thursday that it's formally retiring the SHA-1 cryptographic algorithm. SHA-1, short for Secure Hash Algorithm 1, is a 27-year-old hash function used in cryptography and has since...

7.2AI score
Exploits0
CISA
CISA
added 2022/06/16 12:0 a.m.16 views

CISA Requests Public Comment on CISA’s TIC 3.0 Cloud Use Case

CISA has released Trusted Internet Connections TIC 3.0 Cloud Use Case for public comment. TIC is a federal cybersecurity initiative intended to secure federal data, networks, and boundaries while providing visibility into agency traffic, including cloud communications. TIC use cases provide...

1.1AI score
Exploits0References3
CISA
CISA
added 2022/04/19 12:0 a.m.26 views

CISA Releases Secure Cloud Business Applications (SCuBA) Guidance Documents for Public Comment

CISA has released draft versions of two guidance documents—along with a request for comment RFC—that are a part of the recently launched Secure Cloud Business Applications SCuBA project: Secure Cloud Business Applications SCuBA Technical Reference Architecture TRA Extensible Visibility Reference...

Exploits0References2
Microsoft Secure
Microsoft Secure
added 2022/02/22 5:0 p.m.25 views

The federal Zero Trust strategy and Microsoft’s deployment guidance for all

You’d be forgiven for missing the White House announcement on federal Zero Trust strategy on January 26, 2022.1 After all, on that day alone a Supreme Court Justice announced his intention to retire, the Federal Reserve announced its plan to raise interest rates, and the State Department was busy...

6.5AI score
Exploits0
CISA
CISA
added 2022/01/20 12:0 a.m.13 views

CISA Releases Final Version of Guidance: IPv6 Considerations for TIC 3.0

CISA has released the final version of Internet Protocol version 6 IPv6 Considerations for Trusted Internet Connections TIC 3.0. This guidance supports the federal government-wide deployment and use of the modernized network protocol. The final version includes feedback provided during the public...

6.8AI score
Exploits0References4
Rapid7 Blog
Rapid7 Blog
added 2022/01/10 2:57 p.m.212 views

The 2021 Naughty and Nice Lists: Cybersecurity Edition

Editor’s note: We had planned to publish our Hacky Holidays blog series throughout December 2021 – but then Log4Shell happened, and we dropped everything to focus on this major vulnerability that impacted the entire cybersecurity community worldwide. Now that it’s 2022, we’re feeling in need of...

9.3CVSS9.9AI score0.99999EPSS
Exploits351
CISA
CISA
added 2021/11/16 12:0 a.m.25 views

New Federal Government Cybersecurity Incident and Vulnerability Response Playbooks

The White House, via Executive Order EO 14028: Improving the Nation’s Cybersecurity, tasked CISA, as the operational lead for federal cybersecurity, to “develop a standard set of operational procedures i.e., playbook to be used in planning and conducting cybersecurity vulnerability and incident...

6.7AI score
Exploits0References3
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/06/30 1:0 p.m.38 views

The critical role of Zero Trust in securing our world

We are operating in the most complex cybersecurity landscape that we’ve ever seen. While our current ability to detect and respond to attacks has matured incredibly quickly in recent years, bad actors haven’t been standing still. Large-scale attacks like those pursued by Nobelium1 and Hafnium,...

7.1AI score
Exploits0
Rows per page
Query Builder