Interactive Security Training

Join the NIST Privacy Framework Team | Further Develop the Data Governance & Management Profile: Dear Colleagues,     Building on the valuable stakeholder feedback received during the Ready, Set, Update! Privacy Framework 1.1 + DGM Profile Workshop this past June, we are pleased to announce that we will host a series of public working sessions this fall to further shape the joint NIST Frameworks Data Governance and Management (DGM) Profile. This … Continue reading Join the NIST Privacy Framework Team | Further Develop the Data Governance & Management Profile

Multiple Vulnerabilities in SolarWinds Web Help Desk: Multiple vulnerabilities have been discovered in SolarWinds Web Help Desk (WHD), the most severe of which could allow for remote code execution. WHD is a SolarWinds IT help desk solution. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context of the system. Depending on the privileges … Continue reading Multiple Vulnerabilities in SolarWinds Web Help Desk

Multiple Vulnerabilities in Google Chrome: Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install … Continue reading Multiple Vulnerabilities in Google Chrome

Employment Scams Delivered Via Text Messages Increase: Employment scams are increasing, and scammers are devising new methods to target unsuspecting job seekers. Recently observed scams more frequently begin with a text message, initiating conversations about a potential job opportunity. The scammer claims to be a recruiter who expresses interest in the target’s compatibility for a vacant position and attempts to ascertain the … Continue reading Employment Scams Delivered Via Text Messages Increase

Brand Impersonation Scams Continue: Businesses in the Information Technology sector act as critical service providers and part of a supply chain, store sensitive information, provide access to other accounts, and frequently engage with customers. These businesses deliver essential and frequently used services, such as email and other communications, cloud storage, online shopping, and more, increasing the likelihood that users will quickly … Continue reading Brand Impersonation Scams Continue

Microsoft 365 Virtual Training Day: Fundamentals: Build the skills you need to create new opportunities and accelerate your understanding of Microsoft Cloud technologies at a free Microsoft 365 Virtual Training Day from Microsoft Learn. Join us at Microsoft 365 Fundamentals to learn how to simplify the adoption of cloud services while supporting strong security, compliance, privacy, and trust. Also, discover how … Continue reading Microsoft 365 Virtual Training Day: Fundamentals

NIST to Revise Special Publication 800-135 Rev. 1 | Recommendation for Existing Application-Specific Key Derivation Functions: In July 2023, NIST’s Crypto Publication Review Board initiated a review process for NIST Special Publication (SP) 800-135 Revision 1, Recommendation for Existing Application-Specific Key Derivation Functions  (2011) and received public comments. In May 2024 NIST proposed revising SP 800-135 Rev. 1. No public comments were received in response to that proposal. NIST has decided … Continue reading NIST to Revise Special Publication 800-135 Rev. 1 | Recommendation for Existing Application-Specific Key Derivation Functions

Microsoft.Source Newsletter | AI for Developers: Featured Explore Microsoft Copilot for Microsoft 365 extensibility samples > Use this collection of samples to build Copilot extensions. Build Teams message extensions and Microsoft Graph connectors to extend Copilot for Microsoft 365.   What’s New Explore tools and resources that will help you do more with AI > Use Copilot to be a more … Continue reading Microsoft.Source Newsletter | AI for Developers

Announcing NIST Symposium on Unleashing AI Innovation, Enabling Trust: NIST will convene a hybrid symposium on September 24-25, 2024, in Washington, D.C., to discuss recent efforts by the NIST AI Innovation Lab (NAIIL) to help unleash artificial intelligence (AI) innovations in ways which enable trust.  Participants will learn about recent and ongoing efforts, and contribute to NIST’s vision for the work ahead, including opportunities … Continue reading Announcing NIST Symposium on Unleashing AI Innovation, Enabling Trust

Implementation Challenges in Privacy-Preserving Federated Learning: In this post, we talk with Dr. Xiaowei Huang, Dr. Yi Dong, Dr. Mat Weldon, and Dr. Michael Fenton, who were winners in the UK-US Privacy-Enhancing Technologies (PETs) Prize Challenges. We discuss implementation challenges of privacy-preserving federated learning (PPFL) – specifically, the areas of threat modeling and real world deployments. In research on PPFL, the protections … Continue reading Implementation Challenges in Privacy-Preserving Federated Learning