Top Threats

Thread Subject	Replies	Last Post
OWASP Top 10 Vulnerabilities for LLMs	0	one month ago by Thanos Vrachnos
NSA and CISA publishes Harden Baseboard Management Controllers	0	3 months ago by Michael Roza
CISA Binding Operational Directive (BOD) 23-02, Mitigating the Risk from Internet-Exposed Management Interfaces	0	3 months ago by Michael Roza
Data Breach at Managed Care of North America (MCNA)	0	3 months ago by Shamun Mahmud
NSA Software Memory Safety	0	5 months ago by Michael Roza
NSC APT28 Exploits Known Vulnerability to Carry Out Reconnaissance and Deploy Malware on Cisco Routers	0	5 months ago by Michael Roza
NIST CSWP 28 Security Segmentation in a Small Manufacturing Environment	0	5 months ago by Michael Roza
3CXDesktop and Supply Chain Incident	0	5 months ago by Derek Buchanan
NSA Advancing Zero Trust Maturity Throughout the User Pillar - Updated April	0	5 months ago by Michael Roza
Macstealer malware update	0	6 months ago by Shamun Mahmud
ENISA Foresight Cybersecurity Threats for 2030	0	6 months ago by Michael Roza
Draft NIST IR 8432, Cybersecurity of Genomic Data For Comment	0	6 months ago by Michael Roza
ENISA Threat Landscape: Transport Sector	0	6 months ago by Michael Roza
NSA UEFI Secure Boot Customization	0	6 months ago by Michael Roza
NSA Advancing Zero Trust Maturity Throughout the User Pillar	1	6 months ago by Anna Schorr Original post by Michael Roza
NIST SP 800-219r1 ipd Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP)	0	6 months ago by Michael Roza
ENISA Fog And Edge Computing In 5G Security opportunities and challenges	0	6 months ago by Michael Roza
ENISA Embedded Sim Ecosystem, Security Risks and Measures	0	6 months ago by Michael Roza
ISO 22385:2023 Security and resilience - Authenticity, integrity and trust for products and documents - Guidelines to establish a framework for trust and interoperability	2	6 months ago by Michael Roza
ISO 22393:2023 Security and resilience - Community resilience - Guidelines for planning recovery and renewal	0	6 months ago by Michael Roza
NIST Internal Report (NIST IR) 8432, Cybersecurity of Genomic Data for Comment	0	6 months ago by Michael Roza
CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks	0	6 months ago by Michael Roza
ISO/TS 21377:2023 Exchange formats for the audit data collection standard: XML and JSON	0	6 months ago by Michael Roza
NSA DoD Microelectronics: Third-Party IP Review Process for Level of Assurance 2	0	6 months ago by Michael Roza
NSA DoD Microelectronics: Field Programmable Gate Array Level of Assurance 2 Best Practices	0	6 months ago by Michael Roza
ISO/IEC 27035-2:2023 Information technology - Information security incident management - Part 2: Guidelines to plan and prepare for incident response	0	6 months ago by Michael Roza
ISO/IEC 27035-1:2023 Information technology - Information security incident management - Part 1: Principles and process	0	6 months ago by Michael Roza
CISA Releases Decider Tool to Help with MITRE ATT&CK Mapping	0	6 months ago by Michael Roza
ENISA A Governance Framework for National Cybersecurity Strategies	0	6 months ago by Michael Roza
ENISA Building Effective Governance Frameworks for the Implementation of National Cybersecurity Strategies	0	6 months ago by Michael Roza
ENISA Demand Side of Cyber Insurance in the EU Analysis of Challenges and Perspectives of OES	0	7 months ago by Michael Roza
National Cybersecurity Center of Excellence (NCCoE) has released a draft report, NIST Interagency Report (NISTIR) 8320D, Hardware Enabled Security: Hardware-Based Confidential Computing, for public comment	0	7 months ago by Michael Roza
NSA Best Practices for Securing Your Home Network	0	7 months ago by Michael Roza
ENISA Interoperable EU Risk Management Toolbox	0	7 months ago by Michael Roza
National Institute of Justice (NIJ) Forensic Intelligence Models: Assessment of Current Practices in the United States and Internationally	0	7 months ago by Michael Roza
Developing National Vulnerabilities Programmes	0	7 months ago by Michael Roza
ISO/IEC 27035-2:2023 Information technology - Information security incident management - Part 2: Guidelines to plan and prepare for incident response	0	7 months ago by Michael Roza
ISO/IEC 27035-1:2023 Information technology - Information security incident management - Part 1: Principles and process	0	7 months ago by Michael Roza
ENISA and CERT Joint Report Sustained activity by specific threat actors	0	7 months ago by Michael Roza
NSA Ransomware Attacks on Critical Infrastructure Fund DPRK Malicious Cyber Activities	0	7 months ago by Michael Roza
NIST SP 800-201 ipd Cloud Computing Forensic Reference Architecture for Comment	0	7 months ago by Michael Roza
Joint Cybersecurity Advisory Protecting Against Malicious Use of Remote Monitoring and Management Software	1	7 months ago by Michael Roza
NSA IPv6 Security Guidance	0	7 months ago by Michael Roza
NSA Cybersecurity Year in Review 2022	0	9 months ago by Michael Roza
NSA APT5: Citrix ADC Threat Hunting Guidance	0	9 months ago by Michael Roza
ENISA Cyber Europe 2022: After Action Report	0	9 months ago by Michael Roza
NSA DoD Microelectronics: Field Programmable Gate Array Best Practices – Threat Catalog	0	9 months ago by Michael Roza
NSA DoD Microelectronics: Field Programmable Gate Array Level of Assurance 1 Best Practices	0	9 months ago by Michael Roza
NSA DoD Microelectronics: Field Programmable Gate Array Overall Assurance Process	0	9 months ago by Michael Roza
NSA DoD Microelectronics: Third-party IP Review Process for Level of Assurance 1	0	9 months ago by Michael Roza