NIST Archives - Cyber Security Minute

Apache Struts 2 vulnerability discovered, as proof of concept circulates

Issued by: CSO Online

A new vulnerability found in the Apache Struts 2 framework has received a critical severity rating from NIST’s national database. A new vulnerability in the Struts 2 web application framework can potentially enable a remote attacker to execute code on systems running apps based on earlier versions of the software. The vulnerability, announced this week…

Network Security

CISA Urges Critical Infrastructure to Prepare for Post-Quantum Cryptography

Issued by: Security Week

The National Institute of Standards and Technology (NIST) is expected to publish the standard in 2024, but CISA urges stakeholders to prepare in advance, citing potential risks from quantum computing to the entire critical infrastructure. Quantum computers use qubits, or ‘quantum bits’, to deliver higher computing power and speed in certain scenarios, including solving mathematical…

Software Security

Four Things Your CISO Wants Your Board to Know

Issued by: Security Week

For years, it seems like we’ve been rationalizing why your company’s Chief Information Security Officer (CISO) deserves a seat at the boardroom table. In many industries, we’ve come a long way since then. At more and more organizations, CISOs have stepped up and begun conferring regularly with the CFO, CTO, and CEO on security strategy,…

Software Security

NIST Publishes Guide for Securing Hotel Property Management Systems

Issued by: Dark Reading

The National Institute of Standards and Technology (NIST) has released a cybersecurity guide for the hospitality industry to help reduce security risks related to hotel property-management system software. These systems store guest personal information and credit card data – an attractive target for hackers. NIST’s new guide provides security recommendations and suggestions for using commercially…

Software Security

How to Choose the Right Cybersecurity Framework

Issued by: Dark Reading

The dramatic rise in ransomware attacks and the SolarWinds Orion hack have thrust cybersecurity back into the spotlight. With everyone a target, it’s time for organizations to implement cybersecurity frameworks like those provided by the National Institute of Standards and Technology (NIST), which can help you set a bar for measuring your cybersecurity effectiveness. Taking…

Software Security

Three ways formal methods can scale for software security

Issued by: Help Net Security

Security is not like paint: it can’t just be applied after a system has been completed. Instead, security has to be built into the system design. But how can we know that a system design is secure against a particular attack? And how can we know that the system implements that design correctly? The key…

Software Security

Face recognition software making progress at recognizing masked faces

Issued by: Help Net Security

A study of face recognition technology created after the onset of the COVID-19 pandemic shows that some software developers have made demonstrable progress at recognizing masked faces. The findings, produced by NIST, measure the performance of face recognition algorithms developed following the arrival of the pandemic. A previous report from July explored the effect of…

Vulnerabilities

Quantum computers: How to prepare for this great threat to information security

Issued by: Help Net Security

The race is on to build the world’s first reliable and truly useful quantum computer, and the finish line is closer than you might think – we might even reach it this decade. It’s an exciting prospect, particularly as these super-powerful machines offer huge potential to almost every industry, from drug development to electric-vehicle battery…

Mobile Security

How well do face recognition algorithms identify people wearing masks?

Issued by: Help Net Security

Now that so many of us are covering our faces to help reduce the spread of COVID-19, how well do face recognition algorithms identify people wearing masks? The answer, according to a preliminary study by the National Institute of Standards and Technology (NIST), is with great difficulty. Identify people wearing masks using facial recognition algorithms…

Software Security

The 7 Types Of Security Jobs, According To NIST

Issued by: Dark Reading

Making sense of the complex. That’s what NIST’s National Initiative for Cybersecurity Education (NICE) aims to do in developing the draft NICE Cybersecurity Workforce Framework (NCWF). Bill Newhouse, NICE deputy director and lead author of the draft document, said in developing the NCWF, NIST synthesized the diverse field of cybersecurity by identifying seven categories of…