Saturday, December 17, 2022

Short Takes – 12-17-22

White House preps security controls for commercial software. FCW.com article. Rules for SBOM and software attestation – Pull quote: “The White House announcement on software acquisition comes as the clock is ticking on key portions of the cybersecurity executive order. Agencies have until September 2023 to collect letters of attestation from vendors to assert that third-party software is compliant with secure software development practices. Agencies must secure letters of attestation by June 2023 for critical software, which NIST defines as software with direct or privileged access to networking or computing resources or otherwise performing functions critical to trust.”

The ‘unprecedented’ risks facing our power grid this winter should be a wake-up call for government. UtilityDive.com article. Pull quote: “NERC’s sobering report is not the first wake-up call regulators and legislators have heard, but it should be the most concerning. Lawmakers should take note before they begin to face capacity shortfalls across the country. One of the most important, cost-effective, and easiest things they can do is fill the forthcoming vacancy at FERC with someone who understands that supporting the energy transition and ensuring the grid has adequate access to dispatchable power throughout the year are not mutually exclusive goals. We can do both by taking a holistic approach, and indeed must do so or risk disastrous consequences.”

Passkeys. WHMurray.Blogspot.com post. Pull quote: “Most often, and at least in the short run, apps that implement Passkeys will leave their use at the option of the user. It will be offered as an option, either at enrollment time or when signing on. If one accesses an account from multiple devices, one may create a passkey for the account on multiple devices. Apple plans to store keys in the cloud, as does now with passwords, so that one key can be used across multiple Apple devices sharing access to one Apple account.”

Artemis 1’s Orion capsule returned safely to Earth. What’s next? ScienceNews.org article. Includes overview of activities during the mission. Pull quote: “To prep for Artemis II, ‘the next step is adding the crew and adding an environmental control and life support system to the Artemis II spacecraft,’ Korth says. Several components of the Space Launch System rocket that will launch that next flight are being constructed, and the next Orion crew and service modules are being tested and completed at Kennedy Space Center.”

FBI warns that BEC attacks now also target food shipments. BleepingComputer.com article. Pull quote: “As the FBI, the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the U.S. Department of Agriculture (USDA) revealed, the value of the stolen food reaches, in some cases, hundreds of thousands of dollars.” FBI Report link - https://www.ic3.gov/Media/News/2022/221216.pdf
