THREATNOIR
Subscribe
Back to Feed

Tag

NIST

NIST CSF, 800-series, US federal cybersecurity standards

23 items tagged #nist

Articles

White House cyber official: identity security matters more than ever in the age of AI

White House cyber official: identity security remains critical defense against AI-powered attacks on federal networks.

CISA Adds One Known Exploited Vulnerability to Catalog

CISA adds CVE-2026-20182 Cisco SD-WAN authentication bypass to KEV Catalog as actively exploited.

CI Fortify | CISA

CISA launches CI Fortify initiative urging critical infrastructure operators to prepare for geopolitical conflict

CISA Adds One Known Exploited Vulnerability to Catalog

CISA adds CVE-2026-6973 Ivanti EPMM improper input validation flaw to KEV Catalog.

CI Fortify | CISA

CISA launches CI Fortify initiative urging critical infrastructure operators to prepare for geopolitical conflict

"Copy Fail" Lands on CISA's KEV: A Nine-Year-Old Linux Bug Becomes a Patch Deadline

CISA adds nine-year-old Linux kernel privilege escalation bug CVE-2026-31431 to KEV catalog with working PoC.

CISA Adds One Known Exploited Vulnerability to Catalog

CISA adds Linux kernel privilege escalation CVE-2026-31431 to Known Exploited Vulnerabilities catalog.

Preparing for a ‘vulnerability patch wave’

NCSC warns organisations to prepare for incoming 'vulnerability patch wave' addressing decades of technical debt.

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA adds ConnectWise ScreenConnect path traversal and Windows protection mechanism vulnerabilities to Known Exploited

CISA Adds One Known Exploited Vulnerability to Catalog

CISA adds CVE-2026-39987 Marimo RCE to Known Exploited Vulnerabilities catalog.

CISA Adds One Known Exploited Vulnerability to Catalog

CISA adds CVE-2026-33825 Microsoft Defender access control flaw to Known Exploited Vulnerabilities Catalog.

Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks

Over 1,300 unpatched Microsoft SharePoint servers remain vulnerable to CVE-2026-32201 spoofing attacks.

NIST to stop rating non-priority flaws due to volume increase

NIST stops assigning severity scores to non-priority vulnerabilities due to submission volume surge.

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software

NIST shifts NVD enrichment to risk-based model, prioritizing CVEs in CISA KEV and federal critical software.

NIST narrows scope of CVE analysis to keep up with rising tide of vulnerabilities

NIST narrows CVE analysis to critical software, federal systems, and actively exploited vulnerabilities.

Analysis of one billion CISA KEV remediation records exposes limits of human-scale security

Analysis of 1B CISA KEV records shows critical flaws exploited before patches exist.

On Microsoft's Lousy Cloud Security - Schneier on Security

US government cybersecurity evaluators flagged Microsoft's GCC High cloud service for inadequate security documentation

CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday

CISA orders U.S. federal agencies to patch exploited Ivanti EPMM flaw by Sunday.

CISA Adds One Known Exploited Vulnerability to Catalog

CISA adds CVE-2026-1340 Ivanti EPMM code injection to Known Exploited Vulnerabilities Catalog.

CISA Adds One Known Exploited Vulnerability to Catalog

CISA adds Fortinet FortiClient EMS improper access control flaw to KEV catalog.

Google Wants to Transition to Post-Quantum Cryptography by 2029 https://t.co/sz8CdkNcuL

Google commits to post-quantum cryptography transition by 2029.

Google moves post-quantum encryption timeline up to 2029

Google accelerates post-quantum encryption migration timeline from 2035 to 2029.

Security for the Quantum Era: Implementing Post-Quantum Cryptography in Android

Google announces Post-Quantum Cryptography integration in Android 17 with ML-DSA signatures.