Searching in Data Privacy & Cybersecurity · Search everything
685 changes Data Privacy & Cybersecurity
Request for Information on Cyber Regulatory Harmonization
The Office of the National Cyber Director has issued a Request for Information (RFI) seeking public input on opportunities and obstacles related to harmonizing cybersecurity regulations across various sectors. The RFI aims to gather insights to improve the efficiency and effectiveness of the nation's cybersecurity regulatory landscape.
NISPPAC Meeting Notice
The Information Security Oversight Office has published a notice announcing a meeting of the National Industrial Security Program Policy Advisory Committee (NISPPAC). The meeting is scheduled for July 18, 2019. This notice serves to inform relevant parties of the upcoming meeting details.
Classified National Security Information Rule
The Information Security Oversight Office published a final rule concerning classified national security information. This rule amends 32 CFR 2001 and is effective May 9, 2022, with a comment deadline of April 28, 2022.
State, Local, Tribal, and Private Sector Policy Advisory Committee Meeting
The Information Security Oversight Office announced a meeting for the State, Local, Tribal, and Private Sector Policy Advisory Committee (SLTPS-PAC). The meeting is scheduled for January 29, 2020, and will cover policy discussions relevant to these sectors.
NISPPAC Meeting Notice
The Information Security Oversight Office has published a notice announcing a meeting of the National Industrial Security Program Policy Advisory Committee (NISPPAC). The meeting is scheduled for November 20, 2019. This notice serves to inform the public about the upcoming committee session.
State, Local, Tribal, Private Sector Policy Advisory Committee Meeting Announced
The Information Security Oversight Office announced a meeting of the State, Local, Tribal, and Private Sector Policy Advisory Committee (SLTPS-PAC). The meeting is scheduled for July 24, 2019. This notice serves to inform relevant parties of the upcoming session.
Google Chrome Skia Out-of-Bounds Write Vulnerability
CISA has added a known exploited vulnerability, CVE-2026-3909, affecting Google Chrome versions prior to 146.0.7680.75. This vulnerability allows remote attackers to perform out-of-bounds memory access via a crafted HTML page. Agencies are directed to apply mitigations by March 13, 2026.
V8 in Chrome Vulnerable to Code Execution
CISA has added a vulnerability in Google Chrome's V8 engine to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability (CVE-2026-3910) allows remote code execution and requires federal agencies to patch by March 13, 2026.
Vim Vulnerability Allows Code Execution (CVSS 6.6)
The German National Cybersecurity Agency (BSI) has issued a security advisory for a vulnerability in the Vim text editor. The vulnerability, with a CVSS score of 6.6, allows local attackers to execute arbitrary code. Mitigation is available.
Microsoft ASP.NET/.NET Vulnerabilities Advisory
This advisory updates information on multiple vulnerabilities in Microsoft ASP.NET and .NET, with a CVSS Base Score of 7.8. The update includes affected products on Ubuntu, Oracle, and Red Hat Linux, in addition to previously listed Microsoft ASP.NET Core and .NET versions.