NIST Site Search
Google
Web NIST.org
NIST.gov
Product Research

Advertise on this site
Headlines

»Excel Invalid Object
A remote code execution vulnerability exists within Microsoft Excel which may allow for a remote att ...
»Adobe PDF Buffer Overflow
A vulnerability exists within Adobe Acrobat that allows an attacker to execute arbitrary code on a v ...
»Creative Software AutoUpdate Engine ActiveX stack buffer overflow
The Creative Software AutoUpdate Engine ActiveX control is a component that provides automatic updat ...
»Internet Connection Sharing DoS
A denial of service vulnerability exists within the Internet Connection Sharing service in Microsoft ...
»RPC Memory Exhaustion
The three referenced exploits take advantage of an inherent problem in RPC, in which an attacker get ...

Date published: Tue, 9 Mar 2010 20:46:00 PST
Details

»News: Twitter attacker had proper credentials
Twitter attacker had proper credentials
»News: PhotoDNA scans images for child abuse
PhotoDNA scans images for child abuse
»News: Conficker data highlights infected networks
Conficker data highlights infected networks

>> Advertisement <<
Can you ...
»News: Popular apps need better patching, says report
Popular apps need better patching, says report
»Brief: Google offers bounty on browser bugs
Google offers bounty on browser bugs

Date published: not known
Details

»RSA Conference Wrapup
Well another RSA Conference has come and gone. Lots of vendor noise about their product being the o ...
»Facebook Patents Social Feeds and I Patent XSS
In honor of the USPO’s decision to allow Facebook’s patent for social feeds I decided to ...
»Banks, Businesses, Viruses and the UCC
There’s an interesting post over at Krebs On Security talking about some poor company that is ...
»Google Buzz Security Flaw
… Speaking of Google, I got an email from TrainReq (the same fellow who allegedly hacked Miley ...
»Nevermind, I Was Wrong, Google Is Evil
I’ve been waiting a while to do this post - several weeks actually since my original post. In ...
»Phishing With Google Wave
Hat tip to cyberlocksmith for this post. He pointed me to a good article on how to phish Google Wav ...

Date published: not known
Details

»Microsoft Releases March Security Bulletin
»Energizer DUO USB Battery Charger Software Allows Remote System Access
»Cisco Releases Multiple Security Advisories
»Microsoft Releases Advance Notification for March Security Bulletin
»U.S. Census Bureau 2010 Census Campaign Warning
»Microsoft Re-Releases Security Bulletin MS10-015
»Microsoft Releases Security Advisory to Address VBScript Vulnerability
»Adobe Releases a Security Update for Download Manager
»Mozilla Releases Security Advisories
»Cisco Releases Multiple Security Advisories

Date published: not known
Details

»T-323: Microsoft Security Advisory (981374)
Microsoft Security Advisory (981374)
»T-322: March Patch Tuesday Notes
March Patch Tuesday Notes
»T-321: Energizer DUO USB battery charger software allows unauthorized remote system access
Energizer DUO USB battery charger software allows unauthorized remote system access
»T-320: Apache 2.2.14 mod_isapi Dangling Pointer
Apache 2.2.14 mod_isapi Dangling Pointer
»T-319: Apache Multiple Security Vulnerabilities
Apache Multiple Security Vulnerabilities
»T-318: Drupal Prior to 6.16 and 5.22 Multiple Security Vulnerabilities
Drupal Prior to 6.16 and 5.22 Multiple Security Vulnerabilities
»T-317: Vulnerability in VBScript Could Allow Remote Code Execution
Vulnerability in VBScript Could Allow Remote Code Execution
»T-316: Microsoft Windows Client/Server Run-time Subsystem Local Privilege Escalation Vulnerability
Microsoft Windows Client/Server Run-time Subsystem Local Privilege Escalation Vulnerability
»T-315: PHP 5.2.13 Security Update
PHP 5.2.13 Security Update
»T-314: Microsoft Windows ICMPv6 Router Advertisement Remote Code Execution Vulnerability
Microsoft Windows ICMPv6 Router Advertisement Remote Code Execution Vulnerability
»T-313: Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability
Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerabi ...
»T-312: Adobe Download Manager Unspecified Arbitrary File Download Vulnerability
Adobe Download Manager Unspecified Arbitrary File Download Vulnerability
»T-311: Microsoft Windows SMB Client Race Condition Remote Code Execution Vulnerability
Microsoft Windows SMB Client Race Condition Remote Code Execution Vulnerability
»T-310: Mozilla Firefox Multiple Remote Memory Corruption Vulnerabilities
Mozilla Firefox Multiple Remote Memory Corruption Vulnerabilities
»T-309: Mozilla Firefox Unspecified Remote Code Execution Vulnerability
Mozilla Firefox Unspecified Remote Code Execution Vulnerability

Date published: not known
Details

»Morphing PDFs in new SEO poisoning trick
Harmless documents replaced by web pages containing malicious code.
»Botnet taken down as ringleaders are arrested
'Mariposa' included almost 13 million zombies.
»March issue of VB published
The March issue of Virus Bulletin is now available for subscribers to download.
»Spammers move from China to Russia
Stricter rules on registering .cn domains leads to increase in malicious .ru domains.
»Nearly 20% still running IE 6
VB poll finds users still running outdated browser despite campaigns to boycott it.
»Out-of-band patch release from Adobe
Unscheduled update released by Adobe.

Date published: not known
Details

»Voluntary Breach Disclosure Rare But Valuable
Most organizations won't go public about an attack unless they have to, but security experts say the ...
»Ford Motor Rolls Out New Security Features To Prevent Car-Hacking
Auto-maker enhances security for new lines of WiFi-enabled vehicles
»Product Watch: Gemalto Rolls Out Secure Online Banking On A Stick
USB thumb drive helps protect against man-in-the middle attacks
»Botnets Serving Project Aurora Likely Built By "Amateurs," Researcher Says
Rumors of sophistication in China's botnet attacks on Google, others were exaggerated, Damballa expe ...
»New Massachusetts Data Privacy Law Adds Incentive For Strong Database Security
Massachusetts Data Privacy Law went into effect on March 1 and focuses on prevention

Date published: not known
Details
Search NIST IT Security
Search For:   Enhanced Query Form
Search In:
  
Results 1 - 10 of 12 in Content
NIST FIPS 140-2
...dules to Federal Information Processing Standard (FIPS) 140-2 and other cryptography based standards. Download the complete NIST FIPS 140-2. Plea...
Posted on Wednesday 15 November 2006 - 20:44:06 in

NIST FIPS 197 - Advanced Encryption Standard (AES)
NIST announced the approval of FIPS 197 Advance Encryption Standard (AES) November 2001. AES specifies the Rijndael encryption algorithm as a FIPS-ap...
Posted on Saturday 21 January 2006 - 22:00:00 in

NIST SP 800-73 Interfaces for Personal Identity Verification
...ors, Federal Information Processing Standard 201 (FIPS 201) was developed to establish standards for identity credentials. This document, Special Publ...
Posted on Monday 06 February 2006 - 22:00:00 in

NIST FIPS 201 Personal Identity Verification (PIV)
...t information systems. Download the complete NIST FIPS 201 Please use the NIST.org Forum to ask questions or discuss this document. The belo...
Posted on Monday 06 February 2006 - 22:00:00 in

Federal Information Processing Standards (FIPS)
With the passage of the Federal Information Security Management Act (FISMA) of 2002 all Federal Information Processing Standards (FIPS) are now manda...
Posted on Sunday 22 January 2006 - 16:44:21 in

Guide to NIST Computer Security Documents
In order to make NIST information security documents more accessible, especially to those just entering the security field or with limited needs for t...
Posted on Monday 30 April 2007 - 19:58:26 in

NIST SP 800-48 Revision 1, Wireless Network Security for IEEE 802.11a/b/g and Bluetooth
...port for Federal Information Processing Standard (FIPS) validated cryptographic algorithms. Therefore, NIST recommends that organizations with existin...
Posted on Tuesday 07 August 2007 - 22:00:00 in

NIST SP 800-78 Cryptographic Algorithms and Key Sizes for Personal Identity Verification
...es for PIV systems and is a companion document to FIPS 201. Download the entire NIST SP 800-78 PDF You may use the NIST.org Forum to ask question...
Posted on Monday 06 February 2006 - 22:00:00 in

Important HSPD-12 Documents and Links
... how to implement it *OMB Memorandum M-05-24 *FIPS 140-2 *FIPS 201 NIST Special Publictions *NIST SP 800-73 *NIST SP 800-76 *NIST...
Posted on Sunday 05 February 2006 - 22:00:00 in

NIST SP 800-76 Biometric Data Specification for Personal Identity Verification
...ractors, Federal Information Processing Standard (FIPS 201), was developed to establish standards for identity credentials. This document, Special Pub...
Posted on Monday 30 January 2006 - 22:00:00 in

Go to page       >>  
Results in Links
No matches found
Results 1 - 10 of 20 in News
GSA Awards Large Contracts for 10 Encryption Products
... “data at rest”. All 10 products use NIST.gov FIPS 140-2 validated encryption modules. You will be hearing much more about these products in the c...
Posted on Wednesday 20 June 2007 - 22:52:35

Evidence that Encrypting Data is the Easy Part
...a, classified, data, top, secret, key, truecrypt, fips, 140-2, fbi, keylogger, chi, mak, tai, security, china, aes, aes256, aes128, blowfish, CAST5, s...
Posted on Friday 25 May 2007 - 15:27:08

NIST.gov releases RFID Security Publication and a NIST Security Table of Contents
..., sp, special, publication, table, contents, 800, fips@@@ NIST.gov has released NIST Special Publication (SP) 800-98, Guidelines for Securing Ra...
Posted on Tuesday 01 May 2007 - 05:56:20

U.S. Government Agencies Banning Microsoft Vista
...curity, moratorium, nist, gov, dot, faa, federal, fips, aviation, administration, office, 2007, google, apps, ocio@@@ In what turning out to be...
Posted on Tuesday 13 March 2007 - 21:56:36

NSA Posts Notice on ‘Suite B’ encryption
...ough the Federal Information Processing Standard (FIPS) 201 for identity cards makes no specific reference to it, said Brendan Ziolo, marketing direct...
Posted on Monday 12 December 2005 - 22:39:27

FISMA guidance nearly complete
...ct, guidance, guidelines, compliance, omb, a-130, fips, 200, standard, processing, requirement@@@ The publication, titled “Guide for Assessing...
Posted on Thursday 01 December 2005 - 04:25:48

NIST to set up Web site for products being FIPS-201-tested
NIST.GOV will be posting test results vendor smart cards and readers to see whether they conform to Federal Information Processing Standard-201 and NI...
Posted on Wednesday 30 November 2005 - 15:50:12

NIST.gov releases draft of Wireless Network Security for IEEE 802.11a/b/g and Bluetooth
...tute, standards, ieee, access point, adhoc, WPAN, fips, encryption, wpan, wlan, wman, wwan@@@ Draft SP 800-48 Revision 1 provides an overview of...
Posted on Wednesday 08 August 2007 - 06:17:10

News Release - LogLogic Announces FISMA Control and Compliance Suite Based On NIST For Government Organizations
...s - the Federal Information Processing Standards (FIPS), the National Institute of Standards and Technology (NIST) "Recommended Security Controls for ...
Posted on Sunday 13 May 2007 - 15:19:25

SANS.org SOHO Backups and Encryption article
...ould be mentioned, though TrueCrypt offers a NIST FIPS approved algorithm (AES) the application is not on the NIST.gov Advanced Encryption Standard Al...
Posted on Monday 11 September 2006 - 17:05:55

Go to page       >>  
Results 1 - 1 of 1 in Forum
As part of thread: Authorizing Oficial?
Forum -> NIST SP 800 Documents
...I am wrong but even though we have implemented all the security controls we are not FIPS 199 accredited since a government agency certified us.
Posted by Teddy on Wednesday 19 August 2009 - 09:48:07
Results in Comments
No matches found
Results in Other Pages
No matches found
Results in Bugtracker2
No matches found
Translate to: French German Italian Spanish Portuguese GTM_LAN_DUTCH Russian Chinese Arabic Korean English
Latest NIST.org news and comments
Google Ads




NIST Site Menu
·Home

NIST Security Books
NIST IT Security Books

Training / Books

»Security Certifications -
» CISSP, SSCP, Security+, etc.

»Computer Forensics

»Ethical Hacking

»Malware, Spyware, Viruses

»FISMA Compliance, Policies, etc

»PKI, Encryption, Smartcards

»Windows Security Guides

»HIPAA, SOX, CISP, etc.

NIST.org Security Bookstore
Current Security News
 
SANS Internet Storm Center, InfoCON: green

» Infocon: green

» What's My Firewall Telling Me? (Part 4), (Wed, Mar 10th)
[09 Mar 2010 08:37pm]

» Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7, (Wed, Mar 10th)
[09 Mar 2010 08:36pm]

» March 2010 - Microsoft Patch Tuesday Diary, (Tue, Mar 9th)
[09 Mar 2010 11:10am]

» Samurai WTF 0.8, (Mon, Mar 8th)
[09 Mar 2010 09:33am]

» Vodafone Android Phone: Complete with Mariposa Malware, (Tue, Mar 9th)
[09 Mar 2010 07:20am]

» Energizer Malware, (Tue, Mar 9th)
[09 Mar 2010 03:09am]

» SEO poisoning on TV show, (Mon, Mar 8th)
[08 Mar 2010 10:08am]

» Microsoft announced two important bulletins (fixing multiple vulns. affecting Windows and Office) for tomorrow: http://www.microsoft.com/technet/security/Bulletin/MS10-mar.mspx, (Mon, Mar 8th)
[07 Mar 2010 11:55pm]
***
CNET News.com

» Malware found on HTC Android phone from Vodafone
[09 Mar 2010 01:40pm]

» Microsoft warns of zero-day IE hole on Patch Tuesday
[09 Mar 2010 12:48pm]

» Drudge Report accused of serving malware, again
[09 Mar 2010 10:31am]

» Backdoor found in Energizer Duo USB battery charger
[08 Mar 2010 10:10am]

» Police get Webcam pictures in school spy case
[06 Mar 2010 02:12pm]

» At RSA 2010, the secure and the insecure (photos)
[05 Mar 2010 03:04pm]

» RSA 2010: Taking on cyberthreats
[04 Mar 2010 05:09pm]

» Microsoft to fix eight Windows and Office holes
[04 Mar 2010 04:53pm]

» Symantec exhibit makes cybercrime tangible
[04 Mar 2010 04:52pm]

» 'Mission Impossible'-style heist hits N.J. Best Buy
[04 Mar 2010 12:18pm]

» Study lauds IE for blocking Web's social attacks
[04 Mar 2010 08:55am]

» McAfee: Source code is easy target within corporations
[03 Mar 2010 02:01pm]

» Study: Medical identity theft is costly for victims
[03 Mar 2010 06:00am]

» Spain arrests three accused of running huge botnet
[02 Mar 2010 05:10pm]

» Microsoft exec: Infected PCs should be quarantined (Q&A)
[02 Mar 2010 04:42pm]
***
Computerworld Security News

» Twitter to begin screening some links for phishing
[09 Mar 2010 08:09pm]

» Ex-Sun chief dishes dirt on Gates, Jobs
[09 Mar 2010 06:06pm]

» Update: LifeLock to pay $12M to settle FTC, states' complaint
[09 Mar 2010 02:57pm]

» Microsoft skips patch for PowerPoint add-on
[09 Mar 2010 02:16pm]

» Microsoft warns of new IE bug; attacks under way
[09 Mar 2010 12:11pm]

» Bogus intranets scam university students
[09 Mar 2010 08:49am]

» More Security News
***
GSO

» Netgear Router Hack Pt. 2 by Kenny
[01 Dec 2009 05:16pm]

» Netgear Router Hack Pt. 1 by Kenny
[01 Dec 2009 05:16pm]
***


More IT Security
News Feeds
More Sponsors

Advertise on this site
NIST - Books You Need

NIST Bookstore
RSS Feeds
Our news can be syndicated by using these rss feeds.
rss1.0
rss2.0
rdf
Add to NetVibes
Add to Bloglines
Add to NewsGator
Add to Google
Add to My Yahoo
Add to My MSN
Add to Technorati
Add to Pluckit
Add to My AOL
Subscribe in FeedLounge
Add to ProtoPage
Symantec News
Welcome
Username:

Password:


Remember me

[ ]
[ ]
[ ]
Other News

NIST.org is in no way connected to the U.S. government site NIST.gov

This site is © John Herron, CISSP. All Rights Reserved.

Please visit daily to stay up to date on all your IT Security compliance issues.

http://www.nist.org -
Hosted by BlueHost. We've never had a better hosting company.