Cyber

Mitre Releases Updated Common Software Vulnerability List

Mitre has added 137 new entries to an online database of software security weaknesses, Inside Defense reported Monday. Version 3.2 of the Common Weakness Enumeration also includes one “deprecated” item and 534 amended entries, which the nonprofit company attributed to changes in names, relationship, description and references. The community-developed list seeks to provide …

Read More »

Red Hat’s David Egts: Open-Source Training, ‘Sense of Mission’ Could Help Agencies Address Cyber Skills Gap

David Egts, chief technologist for Red Hat’s North American public sector, has said there are several options the federal government can consider to build up its workforce’s cybersecurity and information technology skills and one of those is to explore open-source training. “The proliferation of open source software has changed the training landscape …

Read More »

HHS, Industry Aim to Help Health Organizations Mitigate Cyber Threats With New Publication

The Department of Health and Human Services has released a four-volume document that outlines 10 industry practices that health care organizations can implement to counter cyber threats. HHS said Friday it collaborated with industry stakeholders through a public-private partnership to come up with the publication “Health Industry Cybersecurity Practices: Managing Threats …

Read More »

Cloud-Based Identity Tools, Mobile Device-Based Authentication Among Cyber Market Trends to Watch in 2019

Some of the trends in the cybersecurity market to watch in 2019 include the availability of identity platforms in the cloud and use of mobile devices in authentication, Security Today reported Wednesday. Organizations aim to supplement application security platforms in the cloud with cloud-based identity and access management systems. The …

Read More »

SOSi Lands Army NETCOM Support Contract; Julian Setian Quoted

The U.S. Army has awarded SOS International a potential five-year, $17M contract for teleconference network, cybersecurity and knowledge management services to the military branch’s Network Enterprise Technology Command. The company said Friday it will support classified and unclassified networks being used at NETCOM’s Arizona headquarters and by subcommand groups worldwide. “This win only …

Read More »

Circadence Offers AI-Based Cybersecurity Training Platform on Microsoft Azure

Circadence has integrated a cybersecurity learning and assessment platform with Microsoft‘s Azure cloud computing service. Project Ares is designed to help government, enterprise and academic customers train cyber professionals through cloud-based virtual ranges, Circadence said Thursday. The artificial intelligence-powered training system uses a range-as-a-service model designed to spin up simulated environments and support …

Read More »

Symantec: ‘Seedworm’ Cyber Espionage Group Uses Backdoor to Launch Attacks on Agencies, Telecoms

Symantec has found that a new cyber espionage group called Seedworm has started launch cyber attacks on dozens of government agencies, telecommunications, multinational organizations, oil and gas firms and other institutions worldwide since late September. Seedworm, also known as Zagos or Muddywater, collects intelligence data on targets across the Middle …

Read More »

LexisNexis Risk Solutions Gets NIST Certification for Identity Proofing Platform; Haywood Talcove Quoted

LexisNexis Risk Solutions has received a National Institute of Standards and Technology certification from SAFE-BioPharma for its platform designed to detect identity fraud. The NIST SP 800-63A certification at Identity Assurance Level 2 allows LexisNexis Risk Solutions to offer its Risk Defense Platform to federal agencies seeking to implement identity authentication tools …

Read More »

AIA Launches New Cybersecurity Standard for Aerospace, Defense Industries; Eric Fanning Quoted

The Aerospace Industries Association has released a standard aimed at maintaining cybersecurity resilience in the aerospace and defense industries. The risk-based standard complements the Department of Defense‘s existing cybersecurity guidelines and are made to help companies regularly update cyber defenses amid evolving threats, AIA said Thursday. “With aggressive state and non-state cyber actors …

Read More »