NIST Publishes Recommendations for Federal Vulnerability Disclosure Guidelines: NIST SP 800-216 Now Available
Internal and external reporting of security vulnerabilities in software and information systems owned or utilized by the Federal Government is critical to mitigating risk, establishing a robust security posture, and maintaining transparency and trust with the public. Formalizing actions to accept, assess, and manage vulnerability disclosure reports can help reduce known security vulnerabilities and exposures. …
Continue reading NIST Publishes Recommendations for Federal Vulnerability Disclosure Guidelines: NIST SP 800-216 Now AvailableWed, 24 May 2023 14:41:07 +0000
The NCCoE Buzz: The Benefits of Mobile Device Management
The Benefits of Mobile Device Management The NCCoE Buzz: Mobile Security Edition is a recurring email on timely topics in mobile device cybersecurity and privacy from the National Cybersecurity Center of Excellence’s (NCCoE’s) Mobile Device Security project team. What is it? Mobile devices allow employees to conveniently do their work from home, at the office, …
Continue reading The NCCoE Buzz: The Benefits of Mobile Device ManagementWed, 24 May 2023 14:39:22 +0000
#StopRansomware Guide
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published an updated version of the #StopRansomware Guide , as ransomware actors have accelerated their tactics and techniques since its initial release in 2020. The update incorporates lessons learned from the …
Continue reading #StopRansomware GuideWed, 24 May 2023 14:37:11 +0000
NICE Webinar: Community-Based Partnerships for Cybersecurity
Synopsis The Department of Commerce’s workforce development agenda is guided by a set of best practices and principles that values workforce investments. These workforce investments are employer-led to connect skilled workers to quality job opportunities, guided by multiple community partners such as educational institutions and economic development organizations, and lead to stackable, industry-recognized credentials. Cybersecurity …
Continue reading NICE Webinar: Community-Based Partnerships for CybersecurityWed, 24 May 2023 14:35:21 +0000
Microsoft Azure Virtual Training Day: Fundamentals
Build skills that help you create new technology possibilities and explore foundational cloud concepts at Azure Virtual Training Day: Fundamentals from Microsoft Learn. Join us for this free training event to expand your knowledge of cloud models and cloud service types. You’ll also review Azure services focused on computing, networking, and storage. You will have …
Continue reading Microsoft Azure Virtual Training Day: FundamentalsWed, 24 May 2023 14:31:40 +0000
Cloud Native Infrastructure with Microsoft Azure
Take full advantage of the flexibility and scalability of the cloud with a modern cloud-native infrastructure. Read the O’Reilly e-book, Cloud Native Infrastructure with Azure, to learn how to adapt your applications early in the design phase to get the most out of the cloud. Plus, get best practices for how to use, deploy, and maintain …
Continue reading Cloud Native Infrastructure with Microsoft AzureFri, 19 May 2023 14:26:44 +0000
Invitation to the Azure Cosmos DB Roadshow Series: Empower Your Skills in the AI Era
Join other Software Architects and Technical Decision Makers, Microsoft technical experts, and partners to discuss and learn how to reimagine data strategies for cloud-native, intelligent apps. This two-day event will offer technical insights, share real-world success stories, and dive into the technical underpinnings of robust data strategies for modern applications built in the cloud. Our …
Continue reading Invitation to the Azure Cosmos DB Roadshow Series: Empower Your Skills in the AI EraFri, 19 May 2023 14:24:42 +0000
Critical Privilege Escalation in Essential Addons for Elementor Plugin Affecting 1+ Million Sites
This blog post is about the Essential Addons for Elementor plugin vulnerability. If you’re a Essential Addons for Elementor user, please update the plugin to at least version 5.7.2. The security vulnerability in Essential Addons for Elementor This plugin suffers from an unauthenticated privilege escalation vulnerability and allows any unauthenticated user to escalate their privilege to …
Continue reading Critical Privilege Escalation in Essential Addons for Elementor Plugin Affecting 1+ Million SitesFri, 19 May 2023 14:21:44 +0000
NCCoE Seeks Collaborators for New DevSecOps Project
Become a Collaborator on the NCCoE Software Supply Chain and DevOps Security Practices Project The National Cybersecurity Center of Excellence (NCCoE) has issued a Federal Register Notice (FRN) inviting industry participants and other interested collaborators to participate in the Software Supply Chain and DevOps Security Practices project. This NCCoE DevSecOps project will focus on developing and documenting an …
Continue reading NCCoE Seeks Collaborators for New DevSecOps ProjectFri, 19 May 2023 14:17:23 +0000
Multiple Vulnerabilities in Apple Products
Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; …
Continue reading Multiple Vulnerabilities in Apple ProductsFri, 19 May 2023 14:16:33 +0000