Blog

RSS Blog

  • NIST Continues to Expand Its Suite of CSF 2.0 Resources November 25, 2024
    NIST Releases More CSF 2.0 Resources for Cybersecurity Awareness Month It’s Cybersecurity Awareness Month—and we’re celebrating by sharing that we have even more Cybersecurity Framework (CSF) 2.0 resources to help organizations of all sizes manage your cybersecurity risks. The new resources include, but are not limited to: Learn More
    blogmirnet
  • Cyber Review Board Investigate Salt Typhoon’s Targeting of US Telecommunications November 25, 2024
    Recent open-source reporting details the activity of Chinese nation-state advanced persistent threat (APT) Salt Typhoon amidst the 2024 presidential election. Salt Typhoon has compromised telecommunications infrastructure, including infrastructure associated with court-ordered wiretaps. A Department of Homeland Security (DHS) panel is currently reviewing the incident and assesses that it will likely take months before any findings […]
    blogmirnet
  • Threat Actors Exploit DocuSign APIs to Bypass Security November 25, 2024
    Example of invoice attachment. Image Source: Wallarm Labs Consistent with open-source reporting, the NJCCIC’s email security solution detected increased attempts to exploit DocuSign APIs to deliver fraudulent invoices. Unlike traditional phishing scams, which rely on misleading emails and links, these attacks use real DocuSign accounts and templates to mimic reputable companies, making detection more difficult. […]
    blogmirnet
  • Phony Help is Just a Call Away November 25, 2024
    Image Source: LastPass LastPass Password Manager warned customers about a new social engineering campaign in which threat actors are leaving five-star reviews, posing as support on the LastPass extension review page on Google Chrome. In these reviews, they provide customers with a phone number to contact for help resolving potential issues. If contacted, users connect […]
    blogmirnet
  • Vulnerability in Google AndroidCould Allow for Remote Code Execution November 25, 2024
    This Multi-State Information Sharing and Analysis Center (MS-ISAC) Advisory is being provided to assist agencies, organizations, and individuals in guarding against the persistent malicious actions of cybercriminals. A vulnerability has been discovered in Google Android that could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but […]
    blogmirnet
  • Norton LifeLock Identity Theft Protection Alerts November 25, 2024
    Individuals, who are enrolled in the Identity Theft Protection program offered by LifeLock, are receiving notifications in error by LifeLock. These notifications are being sent by email or text stating “New Property Report Detected.” It is an issue with LifeLock’s system. They are aware of the problem and are actively working to resolve the issue. […]
    blogmirnet
  • Transition to Post-Quantum Cryptography Standards | Draft NIST IR 8547 is Available for Comment November 25, 2024
    The initial public draft of NIST Internal Report (IR) 8547, Transition to Post-Quantum Cryptography Standards, is now available for public comment. This report describes NIST’s expected approach to transitioning from quantum-vulnerable cryptographic algorithms to post-quantum digital signature algorithms and key-establishment schemes. It identifies existing quantum-vulnerable cryptographic standards and the current quantum-resistant standards that will be […]
    blogmirnet
  • Payroll Phishing Campaign Drops InfoStealer Malware November 25, 2024
    Image Source: Proofpoint The NJCCIC email security system has uncovered a new campaign spreading XLoader and GuLoader malware. XLoader is a successor to Formbook infostealing malware and is categorized as malware-as-a-service (MaaS). XLoader has several capabilities, such as capturing screenshots, recording keystrokes, and accessing information stored on the clipboard. Additionally, it can steal credentials from […]
    blogmirnet
  • Guidelines for Derived PIV Credentials and PIV Federation: SP 800-157r1 and SP 800-217 Available for Public Comment November 25, 2024
    The final public drafts (fpd) of NIST Special Publication (SP) 800-157r1 (Revision 1), Guidelines for Derived Personal Identity Verification (PIV) Credentials, and SP 800-217, Guidelines for Personal Identity Verification (PIV) Federation, are now available for public review and comment.  Both guidelines address the comments received on the 2023 initial public drafts and align with the recently published […]
    blogmirnet
  • NIST Requests Public Comments on SP 800-102, Recommendation for Digital Signature Timeliness November 25, 2024
    NIST maintains its cryptography standards and guidelines using a periodic review process. NIST requests public comments on all aspects of NIST Special Publication (SP) 800-102, Recommendation for Digital Signature Timeliness, 2009. This publication discusses the use of timestamps to establish the time when a digital signature was generated. The Cryptographic Algorithm Validation Program does not […]
    blogmirnet
View All Blog Posts
Whether your team wants to study SharePoint or needs to learn Excel, My Tech Fuel has a convenient classroom setting with industry-certified instructors to lead your training. Creating opportunities to customize courseware.
Explore
Useful links
Contact info
Copyright 2023 My Tech Fuel LLC. All Rights Reserved