Top Threats

Thread Subject	Replies	Last Post
Modernizing the Federal Risk Authorization Management Program (FedRAMP)	0	yesterday by Michael Roza
CISA just published Secure by Design - How Software Manufacturers Can Shield Web Management Interfaces From Malicious Cyber Activity	0	4 days ago by Michael Roza
NIST Phish Scale User Guide	0	13 days ago by Michael Roza
NIST Two New Final Publications – Integrating ICT Risk Management in the Enterprise	0	15 days ago by Michael Roza
NSA Securing the Software Supply Chain: Recommended Practices for Software Bill of Materials Consumption	0	20 days ago by Michael Roza
ENISA Threat Landscape 2023	0	one month ago by Michael Roza
Joint CIS/NSA/FBI Stop Ransomware Guide	0	one month ago by Michael Roza
NSA Phishing Guidance: Stopping the Attack Cycle at Phase One	0	one month ago by Michael Roza
NIST Log Management Planning Guide: Draft SP 800-92r1 Available for Comment	0	one month ago by Michael Roza
NSA and CISA publishes Identity and Access Management: Developer and Vendor Challenges	0	one month ago by Michael Roza
NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations	0	one month ago by Michael Roza
NSA Procurement and Acceptance Testing Guide for Servers, Laptops, and Desktop Computers	0	2 months ago by Michael Roza
OWASP Top 10 Vulnerabilities for LLMs	0	3 months ago by Thanos Vrachnos
NSA and CISA publishes Harden Baseboard Management Controllers	0	5 months ago by Michael Roza
CISA Binding Operational Directive (BOD) 23-02, Mitigating the Risk from Internet-Exposed Management Interfaces	0	5 months ago by Michael Roza
Data Breach at Managed Care of North America (MCNA)	0	6 months ago by Shamun Mahmud
NSA Software Memory Safety	0	7 months ago by Michael Roza
NSC APT28 Exploits Known Vulnerability to Carry Out Reconnaissance and Deploy Malware on Cisco Routers	0	7 months ago by Michael Roza
NIST CSWP 28 Security Segmentation in a Small Manufacturing Environment	0	8 months ago by Michael Roza
3CXDesktop and Supply Chain Incident	0	8 months ago by Derek Buchanan
NSA Advancing Zero Trust Maturity Throughout the User Pillar - Updated April	0	8 months ago by Michael Roza
Macstealer malware update	0	8 months ago by Shamun Mahmud
ENISA Foresight Cybersecurity Threats for 2030	0	8 months ago by Michael Roza
Draft NIST IR 8432, Cybersecurity of Genomic Data For Comment	0	8 months ago by Michael Roza
ENISA Threat Landscape: Transport Sector	0	8 months ago by Michael Roza
NSA UEFI Secure Boot Customization	0	8 months ago by Michael Roza
NSA Advancing Zero Trust Maturity Throughout the User Pillar	1	8 months ago by Anna Schorr Original post by Michael Roza
NIST SP 800-219r1 ipd Automated Secure Configuration Guidance from the macOS Security Compliance Project (mSCP)	0	8 months ago by Michael Roza
ENISA Fog And Edge Computing In 5G Security opportunities and challenges	0	8 months ago by Michael Roza
ENISA Embedded Sim Ecosystem, Security Risks and Measures	0	8 months ago by Michael Roza
ISO 22385:2023 Security and resilience - Authenticity, integrity and trust for products and documents - Guidelines to establish a framework for trust and interoperability	2	9 months ago by Michael Roza
ISO 22393:2023 Security and resilience - Community resilience - Guidelines for planning recovery and renewal	0	9 months ago by Michael Roza
NIST Internal Report (NIST IR) 8432, Cybersecurity of Genomic Data for Comment	0	9 months ago by Michael Roza
CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks	0	9 months ago by Michael Roza
ISO/TS 21377:2023 Exchange formats for the audit data collection standard: XML and JSON	0	9 months ago by Michael Roza
NSA DoD Microelectronics: Third-Party IP Review Process for Level of Assurance 2	0	9 months ago by Michael Roza
NSA DoD Microelectronics: Field Programmable Gate Array Level of Assurance 2 Best Practices	0	9 months ago by Michael Roza
ISO/IEC 27035-2:2023 Information technology - Information security incident management - Part 2: Guidelines to plan and prepare for incident response	0	9 months ago by Michael Roza
ISO/IEC 27035-1:2023 Information technology - Information security incident management - Part 1: Principles and process	0	9 months ago by Michael Roza
CISA Releases Decider Tool to Help with MITRE ATT&CK Mapping	0	9 months ago by Michael Roza
ENISA A Governance Framework for National Cybersecurity Strategies	0	9 months ago by Michael Roza
ENISA Building Effective Governance Frameworks for the Implementation of National Cybersecurity Strategies	0	9 months ago by Michael Roza
ENISA Demand Side of Cyber Insurance in the EU Analysis of Challenges and Perspectives of OES	0	9 months ago by Michael Roza
National Cybersecurity Center of Excellence (NCCoE) has released a draft report, NIST Interagency Report (NISTIR) 8320D, Hardware Enabled Security: Hardware-Based Confidential Computing, for public comment	0	9 months ago by Michael Roza
NSA Best Practices for Securing Your Home Network	0	9 months ago by Michael Roza
ENISA Interoperable EU Risk Management Toolbox	0	9 months ago by Michael Roza
National Institute of Justice (NIJ) Forensic Intelligence Models: Assessment of Current Practices in the United States and Internationally	0	9 months ago by Michael Roza
Developing National Vulnerabilities Programmes	0	9 months ago by Michael Roza
ISO/IEC 27035-2:2023 Information technology - Information security incident management - Part 2: Guidelines to plan and prepare for incident response	0	9 months ago by Michael Roza
ISO/IEC 27035-1:2023 Information technology - Information security incident management - Part 1: Principles and process	0	9 months ago by Michael Roza