February 1, 2024 at 05:44PM Companies in finance and health care need to adopt TLS 1.3 for cyber security, but it complicates data audits. NIST released guide SP 1800-37 to help implement TLS 1.3 and conduct network monitoring and auditing securely. It addresses challenges, offering techniques for key access and securing data. NIST is seeking … Read more
January 29, 2024 at 03:55PM SolarWinds, victim of Russian cyber-attack, accuses SEC of unfair treatment. The company argues the watchdog’s charges are baseless and seek to impose unreasonable cybersecurity disclosure requirements. SolarWinds maintains it made proper and accurate disclosures before and after the attack. The SEC alleges that SolarWinds misled investors about its security practices, … Read more
January 9, 2024 at 12:38PM A critical vulnerability in Cacti’s web-based open source framework for monitoring network performance allows attackers to disclose its entire database. Exploiting this, along with a previously disclosed vulnerability, could lead to remote code execution. The severity of this issue is rated 8.8 out of 10. It’s not widespread but poses … Read more