NIST Archives - Page 2 of 4

NIST SP 1271: Getting Started with the NIST Cybersecurity Framework: A Quick Start Guide

Cybersecurity Framework, Security Program, Standards & Guidelines / Frank Crast / August 6, 2021 / critical infrastructure, Cybersecurity Framework, NIST, SP 1271

The National Institute of Standards and Technology (NIST) has issued the NIST SP 1271 Getting Started with the NIST Cybersecurity Framework: A Quick Start Guide.

NIST SP 1271: Getting Started with the NIST Cybersecurity Framework: A Quick Start Guide Read More »

NSA releases guidance on securing wireless devices in public settings

Cybersecurity Attacks, Endpoint Security, Guidelines, System Hardening, Vulnerabilities & Exploits, Wi-Fi Security / Frank Crast / August 2, 2021 / BlueBorne, Bluebugging, Bluejacking, Bluesnarfing, bluetooth, LLMNR, MFA, NFC, NIST, NSA, SP 800-121, Wi-Fi, Wireless

The National Security Agency (NSA) has released guidance on securing wireless devices in public settings for government national defense entities and the general public. The new 8-page guidance infosheet summarizes ways bad actors target wireless devices as well as good safeguards to protect against such cyberattacks. The NSA warns that although connecting to public Wi-Fi

NSA releases guidance on securing wireless devices in public settings Read More »

NIST SP 800-47 Rev. 1: Managing the Security of Information Exchanges

Messaging Security, Standards & Guidelines / Frank Crast / July 20, 2021 / Exchange, Information, NIST, SP 800-47

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-47 Rev. 1 Managing the Security of Information Exchanges.

NIST SP 800-47 Rev. 1: Managing the Security of Information Exchanges Read More »

WordPress security update (5.7.2) fixes 2 PHPMailer vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 14, 2021 / CVE-2018-19296, CVE-2020-36326, NIST, PHPMailer, WordPress

WordPress has released WordPress 5.7.2 security and maintenance update that includes fixes for two PHPMailer security vulnerabilities. All WordPress versions between 3.7 and 5.7 are affected.

WordPress security update (5.7.2) fixes 2 PHPMailer vulnerabilities Read More »

DHS warns businesses of risks using Chinese tech and data services

Cybersecurity Articles, Data Breach, Data Privacy, Insider Threats, Regulations & Laws, Security Monitoring, Third-Party Security / Frank Crast / December 24, 2020 / Data Security, DHS, DOJ, EO 13913, EO 13942, EO 13943, Executive Order, Harvard, Huawei, NIST, PLA, PRC, USTR, WTO, ZTE

The United States Department of Homeland Security (DHS) has published a new advisory warning businesses of the risks using tech and data services linked to the People’s Republic of China (PRC).

DHS warns businesses of risks using Chinese tech and data services Read More »

NIST SP-800-53 Rev. 5: Security and Privacy Controls for Information Systems and Organizations

Security Program, Standards & Guidelines, Uncategorized / Frank Crast / December 10, 2020 / NIST, SP 800-53

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-53 Rev.5. Security and Privacy Controls for Information Systems and Organizations. The Special Publication (SP) 800-53 provides cloud access control (AC) characteristics and a set of general access control guidance for cloud service models. An abstract from SP 800-53: This publication provides

NIST SP-800-53 Rev. 5: Security and Privacy Controls for Information Systems and Organizations Read More »