17 matches found
Secure Your Enterprise with Robust DNS: A Guide to NIST SP 800-81r3
...
GHSA-HW43-FCMM-3M5G Emissary May Use a Broken or Risky Cryptographic Algorithm
Summary The ChecksumCalculator class within allows for hashing and checksum generation, but it includes or defaults to algorithms that are no longer recommended for secure cryptographic use cases (e.g., SHA-1, CRC32, and SSDEEP). These algorithms, while possibly valid for certain...
How to Keep Your Business Running in a Contested Environment
When organizations start incorporating cybersecurity regulations and cyber incident reporting requirements into their security protocols, it's essential for them to establish comprehensive plans for preparation, mitigation, and response to potential threats. At the heart of your business lies you...
CISA and Partners Release BianLian Ransomware Cybersecurity Advisory
CISA, the Federal Bureau of Investigation (FBI), and the Australian Cyber Security Centre (ACSC) have released a joint Cybersecurity Advisory (CSA) with known BianLian ransomware and data extortion group technical details. Microsoft and Sophos contributed to the advisory. To reduce the likelihood and...
Strengthening Cybersecurity of SATCOM Network Providers and Customers
Summary Updated May 10, 2022: The U.S. government attributes this threat activity to Russian state-sponsored malicious cyber actors. Additional information may be found in a statement from the State Department. For more information on Russian malicious cyber activity, refer to...
How the Biden Administration's cybersecurity order will affect companies
“It is the policy of my Administration that the prevention, detection, assessment, and remediation of cyber incidents is a top priority and essential to national and economic security.” The Biden Administration recently issued Executive Order (EO) 14028, “Improving the Nation’s Cybersecurity,” to...
IoT Cybersecurity Improvement Act Passed, Heads to President's Desk
Security experts are applauding the recent stamp of approval by the U.S. Senate on a groundbreaking internet-of-things (IoT) security regulatory effort. The IoT Cybersecurity Improvement Act, which was led in bipartisan sponsorship by Reps. Will Hurd (R-Texas) and Robin Kelly (D-Ill.), would require th...
Congress unanimously passes federal IoT security law
The US Senate unanimously passed the IoT Cybersecurity Improvement Act (H.R.1668) yesterday. The US House passed the bill in September, so it is highly likely to become law, barring a Presidential veto. This is arguably the most significant US IoT-specific cybersecurity law to date, as well as the...
Security Bulletins for Emptoris Strategic Supply Management Platform.
Question Security Bulletins for Emptoris Strategic Supply Management Platform. Answer This article tracks all Security Bulletins for Emptoris Strategic Supply Management Platform. IBM's Product Security Incident Response Team (PSIRT) follows the NIST guidelines for determining the severity rating o...
A step closer to stronger federal IoT security
On Tuesday September 15th, the US House unanimously passed the IoT Cybersecurity Improvement Act (H.R. 1668). The bill, sponsored by Reps. Kelly and Hurd, would require federal procurement and use of IoT devices to conform to basic security requirements. The version passed by the House makes severa...
Security Bulletins for Emptoris Program Management
Question Security Bulletins for Emptoris Program Management Answer This article tracks all Security Bulletins for Emptoris Program Management. IBM's Product Security Incident Response Team (PSIRT) follows the NIST guidelines for determining the severity rating of the reported vulnerability - see "N...
Security Bulletins for Emptoris Services Procurement
Question Security Bulletins for Emptoris Services Procurement Answer This article tracks all Security Bulletins for Emptoris Services Procurement. IBM's Product Security Incident Response Team (PSIRT) follows the NIST guidelines for determining the severity rating of the reported vulnerability - se...
Security Bulletins for Emptoris Contract Management
Question Security Bulletins for Emptoris Contract Management Answer This article tracks all Security Bulletins for Emptoris Contract Management. IBM's Product Security Incident Response Team (PSIRT) follows the NIST guidelines for determining the severity rating of the reported vulnerability - see...
Security Bulletins for Emptoris Sourcing
Question Security Bulletins for Emptoris Sourcing Answer This article tracks all Security Bulletins for Emptoris Sourcing. IBM's Product Security Incident Response Team (PSIRT) follows the NIST guidelines for determining the severity rating of the reported vulnerability - see "NVD Vulnerability...
Security Bulletins for Emptoris Supplier Lifecycle Management
Question Security Bulletins for Emptoris Supplier Lifecycle Management Answer This article tracks all Security Bulletins for Emptoris Supplier Lifecycle Management. IBM's Product Security Incident Response Team (PSIRT) follows the NIST guidelines for determining the severity rating of the reported...
Federal Election Committee Audit Finds Security Deficiencies
The Federal Election Commission (FEC), the government agency that keeps track of money raised each term by candidates and political action committees, is highly vulnerable to intrusions and data breaches according to a recent audit that discovered “significant deficiencies” in the FEC’s IT security...
NIST Offers Guidelines for Securing BIOS
As security defenses have advanced and become more adaptive in the last decade, malware authors and attackers have had to respond, looking for new ways to get their malicious software onto PCs or exploit previously unknown vulnerabilities. One target is the system BIOS, the low-level instruction...