Security News

Six password takeaways from the updated NIST cybersecurity framework
2024-12-04 15:01

Updated NIST guidelines reject outdated password security practices in favor of more effective protections. Learn from Specops Software about 6 takeaways from NIST's new guidance that help create...

NIST report on hardware security risks reveals 98 failure scenarios
2024-11-15 03:30

NIST’s latest report, “Hardware Security Failure Scenarios: Potential Hardware Weaknesses” (NIST IR 8517), explores the hidden vulnerabilities in computer hardware, a domain often considered more...

NIST is chipping away at NVD backlog
2024-11-14 14:25

The National Institute of Standards and Technology (NIST) is clearing the backlog of unprocessed CVE-numbered vulnerabilities in the National Vulnerability Database (NVD), but has admitted that...

NIST's security flaw database still backlogged with 17K+ unprocessed bugs. Not great
2024-10-02 12:31

Logjam 'hurting infosec processes world over' one expert tells us as US body blows its own Sept deadline NIST has made some progress clearing its backlog of security vulnerability reports to...

NIST Recommends Some Common-Sense Password Rules
2024-09-27 11:01

NIST’s second draft of its “SP 800-63-4“—its digital identify guidelines—finally contains some really good rules about passwords: The following requirements apply to passwords: lVerifiers and CSPs...

Chrome switching to NIST-approved ML-KEM quantum encryption
2024-09-16 16:22

Google announced updates in the post-quantum cryptographic key encapsulation mechanism used in the Chrome browser, specifically, the swap of Kyber used in hybrid key exchanges with Module Lattice...

NIST Cybersecurity Framework (CSF) and CTEM – Better Together
2024-09-05 09:19

It’s been a decade since the National Institute of Standards and Technology (NIST) introduced its Cybersecurity Framework (CSF) 1.0. Created following a 2013 Executive Order, NIST was tasked with...

Security Experts Welcome NIST’s New Encryption Standards For Quantum Computers
2024-08-16 15:26

Quantum computers are rapidly increasing the ability for high-performance computing, and the new standards are ready for immediate use, NIST said. "Quantum computing technology could become a force for solving many of society's most intractable problems, and the new standards represent NIST's commitment to ensuring it will not simultaneously disrupt our security," said Under Secretary of Commerce for Standards and Technology and NIST Director Laurie E. Locascio, in a statement.

NIST Releases First Post-Quantum Encryption Algorithms
2024-08-15 15:37

From the Federal Register: After three rounds of evaluation and analysis, NIST selected four algorithms it will standardize as a result of the PQC Standardization Process. The public-key...

NIST releases first encryption tools to resist quantum computing
2024-08-14 19:33

The U.S. National Institute of Standards and Technology (NIST) has released the first three encryption standards designed to resist future cyberattacks based on quantum computing technology. [...]