Diesen Kuß der ganzen Welt! European Union Vulnerability Database (EUVD) launches this week. And not a moment too soon. The post As US CVE Database Fumbles, EU ‘Replacement’ Goes Live appeared first on Security Boulevard.
Category: NIST
certificate lifecycle management, crypto-agility, Cryptographic Bill of Materials (CBOM), Global Security News, NIST, PKI, Post-quantum cryptography (PQC), PQC algorithms, PQC migration plan, PQC readiness, quantum‑safe cryptography, Security Bloggers Network, SHA‑1, SHA‑2
Why the Finance Sector Must Lead the Shift to Post-Quantum Cryptography
Quantum computing is not some far-off theory anymore, and the threat to today’s encryption is real with the clock running for organizations to be resilient. And for banks and finance organizations sitting on mountains of sensitive data, the urgency to prepare for post-quantum cryptography (PQC) is growing. With Q-day (the day a powerful quantum computer…
Amazon Web Services (AWS), CloudFlare, Global Security News, IBM, NIST, Post-Quantum Cryptography, quantum computing, RSAC 2025 Conference, Technology
Quantum computer threat spurring quiet overhaul of internet security
SAN FRANCISCO — Cryptography experts say the race to fend off future quantum-computer attacks has entered a decisive but measured phase, with companies quietly replacing the internet plumbing that the majority of the industry once considered unbreakable. Speaking at Cloudflare’s Trust Forward Summit on Wednesday, encryption leaders at IBM Research, Amazon Web Services and Cloudflare…
CISA, CVE, CVE Foundation, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Global Security News, MITRE, National Vulnerability Database, NIST
CISA reverses course, extends MITRE CVE contract
In a last-minute switch, the Cybersecurity and Infrastructure Security Agency said it will continue funding a contract for MITRE to manage the CVE program and other vulnerability databases. In a statement sent to CyberScoop, a spokesperson said the agency executed an option to extend the contract and avoid a potential lapse in a program that…
Analytics & Intelligence, CISA, CISA Research, Cloud Security, Common Vulnerabilities and Exposures, CVE, CVE (Common Vulnerabilities and Exposures), CVE database, CVE Program, Cyberlaw, Cybersecurity, Cybersecurity and Infrastructure Security Agency, cybersecurity funding, Data Privacy, Data Security, Department of Homeland Security, DevOps, DHS, Endpoint, Featured, Funding & Grants, Global Security News, Governance, Risk & Compliance, Humor, Identity & Access, Incident Response, Industry Spotlight, IoT & ICS Security, malware, MITRE, MITRE Framework, Mobile Security, Most Read This Week, national institute of standards and technology, National Institute of Standards and Technology (NIST), Network Security, News, NIST, Popular Post, SB Blogwatch, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight, Threat Intelligence, Threats & Breaches, U.S. Department of Homeland Security, vulnerabilities
MITRE Crisis: CVE Cash Ends TODAY — CISA says ‘No Lapse’
These are “interesting” times: U.S. government funding for the Common Vulnerabilities and Exposures program expires April 16. The post MITRE Crisis: CVE Cash Ends TODAY — CISA says ‘No Lapse’ appeared first on Security Boulevard.
china, CISA, cisco, citrix, Coalition, CVE, Cybercrime, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), edge devices, espionage, exploit, Exploits, firewall, firewalls, Fortinet, Gartner, Global Security News, Google Threat Intelligence Group, ivanti, known exploited vulnerabilities (KEV), Mandiant, National Vulnerability Database, NIST, Palo Alto Networks, Rapid7, Research, routers, Technology, Threats, virtual private network (VPN), VulnCheck, vulnerabilities, vulnerability disclosure, zero days
Is Ivanti the problem or a symptom of a systemic issue with network devices?
Network edge devices — hardware that powers firewalls, VPNs and network routers — have quickly moved up the list of attackers’ preferred intrusion points into enterprise networks. While dozens of companies make and sell these devices, customers of one company in particular — Ivanti — have confronted exploited vulnerabilities in their products more than any…
app vulnerabilities, Cloud Security, Cybersecurity, Data Security, Featured, Global Security News, Governance, Risk & Compliance, malware, Mobile Security, Network Security, News, NIST, NIST CVE Backlog, Security Awareness, Security Boulevard (Original), security flaw, Social - Facebook, Social - LinkedIn, Social - X, Spotlight, Threat Intelligence, vulnerabilities
NIST Deprioritizes Pre-2018 CVEs as Backlog Struggles Continue
NIST, which for more than a year has been struggling to address a backlog of CVEs in its database following budget cuts, is now putting pre-2018 vulnerabilities on the back burner to give itself more time to address the rapidly growing number of new software security flaws. The post NIST Deprioritizes Pre-2018 CVEs as Backlog…
Global Security News, NIST, Security Bloggers Network
NIST SP 800-171 Rev 2 vs Rev 3: What’s The Difference?
Government cybersecurity and information security frameworks are a constant work in progress. Many different frameworks draw their requirements from the National Institute of Standards and Technology, and one of the most important documents for cybersecurity is NIST Special Publication 800-171: Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. One of the key pillars of…
Cloud, Cloud Security, Cybersecurity, cybersecurity risks, digital signatures, Global Security News, Google, google cloud, google cloud key management service, Innovation, NIST, open source, quantum computing, Security
Google Announces Quantum-Safe Digital Signatures in Cloud KMS, Takes “Post-Quantum Computing Risks Seriously”
This news about Google Cloud Key Management Service is part of the tech giant’s post-quantum computing strategy.
CVE, CVSS, Cybersecurity, Exploits, Global Security News, MITRE, National Vulnerability Database, NIST, Research, Threats, vulnerabilities
Infosec pros: We need CVSS, warts and all
A key pillar of a strong cybersecurity program is identifying vulnerabilities in the complex mix of software programs, packages, apps, and snippets driving all activities across an organization’s digital infrastructure. At the heart of spotting and fixing these flaws is the widely used Common Vulnerability Scoring System (CVSS), maintained by a nonprofit called the Forum…
Best Buy, Cybersecurity, Emerging Tech, EnergyStar, Global Security News, NIST, smart homes, SOHO, U.S. Cyber Trust Mark, UL, White House
White House launches cybersecurity label program for consumers
The White House announced Tuesday the official launch of the U.S. Cyber Trust Mark, a cybersecurity labeling initiative aimed at enhancing the security of internet-connected devices. The initiative tackles rising consumer concerns about the security vulnerabilities of “smart” devices essential to modern homes. As households become more dependent on interconnected gadgets — with a 2023…