Lucene search
K

10 matches found

CISA
CISA
added 2023/04/28 12:0 p.m.12 views

CISA Requests for Comment on Secure Software Self-Attestation Form

CISA has issued requests for comment on the Secure Software Self-Attestation Form. CISA, in coordination with the Office of Budget and Management OMB, released proposed guidance on secure software. This guidance seeks to secure software leveraged by the federal government. CISA expects agencies t...

7AI score
Exploits0References3
Schneier on Security
Schneier on Security
added 2017/06/26 11:59 a.m.27 views

The FAA Is Arguing for Security by Obscurity

In a proposed rule by the FAA, it argues that software in an Embraer S.A. Model ERJ 190-300 airplane is secure because it's proprietary: In addition, the operating systems for current airplane systems are usually and historically proprietary. Therefore, they are not as susceptible to corruption...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2016/09/27 2:51 p.m.6 views

Mozilla Wants to Drop WoSign as Trusted CA

Mozilla has accused a Chinese Certificate Authority of back-dating SHA-1 certificates to get around restrictions barring deprecated certs from being trusted, and is ready to ban the CA for one year. The back-dating is just one of many violations derived after a lengthy investigation of WoSign and...

0.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2016/07/27 12:57 p.m.51 views

NIST Recommends SMS Two-Factor Authentication Deprecation

A U.S. government agency said the end is nigh for SMS-based two-factor authentication, citing a lack of security around the feature. The latest draft version of the Digital Authentication Guideline issued this week by the U.S. National Institute for Standards and Technology NIST said the practice...

0.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2016/03/01 10:24 a.m.9 views

White House Wants Wassenaar Renegotiation

The White House, lawmakers said yesterday, wants to renegotiate the divisive U.S. implementation of the Wassenaar Arrangement rules as they relate to intrusion software. A draft of the rules was pulled off the table in July by the Commerce Department’s Bureau of Industry and Security BIS followin...

0.7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2016/02/04 3:51 p.m.12 views

Government Promises Comment Period on Next Wassenaar Draft

It’s been months since the U.S. Commerce Department’s Bureau of Industry and Security pulled the U.S. implementation of the Wassenaar Arrangement off the table for an unusual rewrite of the rules governing so-called intrusion software. The overly broad rule drew the ire of security and privacy...

0.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2015/07/20 2:38 p.m.12 views

Google Calls Proposed U.S. Wassenaar Rules 'Not Feasible'

As the clock winds down on the comment period for the United States government’s proposed implementation of the Wassenaar Arrangement export controls for intrusion software, Google officials say that the rules would have a “significant negative impact” on security research. The Department of...

0.7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2015/07/15 11:6 a.m.10 views

Coalition of Security Companies Forms to Oppose Wassenaar Rules

A large group of security companies have formed a coalition to oppose the proposed rules from the Department of Commerce that would regulate the export of so-called intrusion software, a broad term that researchers and legal experts are concerned would limit security research and development. The...

0.1AI score
Exploits0References1
ThreatPost
ThreatPost
added 2014/04/22 5:6 p.m.17 views

NIST removes Dual EC DRBG from SP 800-90A

The maligned Dual EC DRBG random number generator at the core of a $10 million secret contract between RSA Security and the National Security Agency has been removed from NIST’s draft guidance on random number generators. The National Institute for Standards and Technology said it will request...

0.4AI score
Exploits0References4
ThreatPost
ThreatPost
added 2012/11/22 2:21 a.m.18 views

Facebook Proposes Eliminating User Voting System for Privacy Changes

Facebook today announced plans to eliminate its voting system that gave users a say in how their privacy is handled. In a statement issued Wednesday, Elliot Schrage, Vice President, Communications, Public Policy and Marketing for the Menlo Park, Calif.-based social media company, said the voting...

6.9AI score
Exploits0References1
Rows per page
Query Builder