Week in Review — US gov't pushes memory-safe programming, Cybersecurity Framework 2.0

Source: Zooner GmbH via Alamy

Week in Review — US gov't pushes memory-safe programming, Cybersecurity Framework 2.0

March 01, 2024 by Robert Lemos Categories : Week in Review

The National Institute of Standards and Technology (NIST) has revised the book on creating a comprehensive cybersecurity program that aims to help organizations of every size be more secure. Here's where to start putting the changes into action.

Convincing phishing emails, synthetic identities, and deepfakes all have been spotted in cyberattacks on the continent. Applications are increasingly distributed, expanding companies' cloud attack surfaces and requiring regular testing to find and fix vulnerabilities — and avoid the risk of a growing sprawl of services.

The White House Office of the National Cyber Director puts software developers on notice, calling for a move to memory-safe programming languages and the development of security metrics. UNC1549, aka Smoke Sandstorm and Tortoiseshell, appears to be the culprit [behind a cyberattack campaign customized for each targeted organization]https://www.darkreading.com/cyberattacks-data-breaches/illusive-iranian-hacking-group-ensnares-israeli-uae-aerospace-and-defense-firms.