PURPLEURCHIN Campaign Detection: A New Crypto Mining Operation Massively Abuses GitHub Actions and Other Popular Free CI/CD Service Accounts With crypto mining attacks significantly increasing over...
Scared Of Your Own Shadow IT? Addressing The Top Security Concern Around SaaS AdoptionBy Uri Haramati, Co-Founder and CEO of Torii The pandemic struck, and organizations...
Twilio reveals hackers compromised its systems a month earlier than previously thoughtCloud communications firm Twilio reveals that it fell victim to a voice phishing attack in...
Extortion fears after hacker stole patient files from Dutch mental health clinicsPatients of Dutch mental health clinics are being warned that their personal records have fallen...
Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian InvasionA 26-year-old Ukrainian man is awaiting extradition from The Netherlands to the United States on charges that he...
Tackling the Growing and Evolving Digital Attack Surface: 2022 Midyear Cybersecurity ReportThis blog entry highlights the threats that dominated the first six months of the year,...
Addressing Ransomware in Hospitals & Medical DevicesRansomware attacks have been on the rise in recent years, and hospitals are increasingly becoming targets. In many cases, these...
Convergent Evolution: SP 800-213, the Federal Profile, and the IoT Cybersecurity CatalogNIST has been engaged for several years in developing guidance for Internet of Things (IoT)...
Threat Actors Target AWS EC2 Workloads to Steal CredentialsWe found malicious samples attempting to steal Amazon Elastic Compute Cloud (EC2) Workloads' access keys and tokens via...
Utility Metrics for Differential Privacy: No One-Size-Fits-AllIn previous posts we discussed different ways to implement differential privacy, each of which offers some trade-off between privacy and...
Privacy-Enhancing Cryptography to Complement Differential PrivacyIn previous posts we discussed many aspects of differential privacy: what it is, what it is useful for, and how it...
Hot Topics in Consumer Cybersecurity Labeling – Our December 2021 WorkshopOn May 12, 2021 the White House released an Executive Order (EO) on Improving the Nation’s...
How to deploy machine learning with differential privacyWe are delighted to introduce the final guest authors in our blog series, Nicolas Papernot and Abhradeep Thakurta, research...
From Bounty to Exploit: Observations About Cybercriminal ContestsFrom articles to hackathons, cybercriminals are resorting to crowdsourcing to find more ways to exploit systems. In this blog,...
Less Is More: Why One Antivirus Software Is All You Need Personal devices and the information they carry are incredibly valuable to their owners. It is...
NIST Launches New International Cybersecurity and Privacy Resources WebsiteEvery day, NIST cybersecurity and privacy resources are being used throughout the world to help organizations manage cybersecurity...
Our Quest: Advancing Product Labels to Help Consumers Consider CybersecurityFor many decades, consumers have relied on labels to help them make decisions about which products to...
Where is the Origin?: QAKBOT Uses Valid Code SigningCode signing certificates help us assure the file's validity and legitimacy. However, threat actors can use that against...
Help Celebrate Data Privacy Week & NIST Privacy Framework’s 2nd Birthday!Today’s blog celebrates Data Privacy Week, an international awareness initiative led by the National Cyber Security...
Differential Privacy: Future Work & Open ChallengesIn this series of blog posts, we have tried to give an accessible overview of the state-of-the-art in differential privacy....
NIST Seeks Input on International Aspects of the Cybersecurity Framework, Other ResourcesAddressing global needs is a critical part of NIST’s work in the evolution of the...
Attack Surface Management 2022 Midyear Review Part 2In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in...
Cybersecurity Education and Workforce Development: Employer-Driven and Learner-CenteredIn this installment of our 50th Anniversary of Cybersecurity series, we hear from NIST’s Rodney Petersen, Director of the...
Celebrating 50 Years of Cybersecurity at NIST!With each day bringing new cybersecurity challenges and advances, it is easy to understand why people feel like it’s hard...
The Application of Cybersecurity for IoT Capabilities to Real-World ScenariosNIST has a history of collaboration between its programs, which helps maximize project impacts and practicality to...
A Peek at Privacy: Where We Started, Where We are Now, and What’s NextAs part of NIST’s 50th anniversary of cybersecurity, this month’s blog post is...
Setting off on the Journey to the NIST Cybersecurity Framework (CSF) 2.0Over the past few months, NIST has been seeking feedback on the use and improvements...
Comprehensive Traceability for Android Supply-Chain SecurityWe discuss the importance of traceability in the world of mobile operating systems.Leer másTrend Micro Research, News, PerspectivesWe discuss the importance...
The Cornerstone of Cybersecurity – Cryptographic Standards and a 50-Year EvolutionIn today’s connected digital world, cryptographic algorithms are implemented in every device and applied to every...
Cybersecurity for IoT: The Road We’ve Traveled, The Road AheadThe NIST Cybersecurity for IoT program published Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy...
