The National Institute of Standards and Technology (NIST) has contracted an external vendor to address the backlog of software and hardware vulnerabilities in the National Vulnerability Database (NVD). This backlog emerged after NIST announced cutbacks in February 2023, causing delays in the enrichment and processing of new vulnerabilities. NIST, working with the Cybersecurity and Infrastructure Agency (CISA), aims to resume previous processing rates within a few months and clear the backlog by the end of the fiscal year. NIST's funding decreased by 12% this year, affecting its capacity. To improve the NVD program sustainably, NIST is updating technology and processes and emphasizes the need for automation in vulnerability management. CISA has initiated the “Vulnrichment” effort to enhance the information available on vulnerabilities. Experts and former officials stress that restoring NVD functionality is crucial for maintaining cybersecurity defenses.

NIST expects to clear backlog in vulnerabilities database by end of fiscal year therecord.media

Epic has introduced an open-source AI validation tool suite for health systems to use in validating and monitoring machine learning (ML) models integrated into electronic health records (EHR). This tool automates key aspects of the model validation process, making it more accessible to health systems that may not have extensive data science resources. By enabling local clinicians to assess these models, health systems can ensure that the AI models are safe, effective, and appropriate for their specific patient populations. This decentralization empowers end-users to fine-tune models based on local knowledge and need for real-world healthcare environments, potentially establishing Epic as a central platform in healthcare technology.

Empowering individual health systems to validate AI models Byte to Bedside

Microsoft has raised concerns about an increase in cyber attacks targeting internet-exposed operational technology (OT) devices since late 2023. These attacks can compromise industrial processes by manipulating OT system parameters, leading to malfunctions and outages. Microsoft highlighted the importance of enhancing OT security to prevent exploitation, especially given the devices' vulnerability due to weak passwords and outdated software. Recent geopolitical tensions have further heightened risks, with advisories from Rockwell Automation and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) urging protective measures. Additionally, the emergence of malware like Fuxnet demonstrates the destructive potential of such attacks on critical infrastructure.

Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices The Hacker News

Salesforce has experienced a slowdown in growth, with fiscal first-quarter revenue increasing by just 10.7% and a forecasted 7% growth rate for the current period, both falling below Wall Street's expectations. Billings grew by a mere 3%, and the company's current remaining performance obligation rose 9.5%, marking its first single-digit increase. Despite achieving over 32% in adjusted operating margins, the market's focus on top-line growth led to a significant 20% drop in Salesforce’s stock. The broader cloud software industry also faces challenges, as companies like Workday, Snowflake, and others report slower deal closures and increased scrutiny, partly attributed to growing investments in AI.

Salesforce: major deals are taking longer to close, if they close at all. The Wall Street Journal

The National Institute of Standards and Technology (NIST) has contracted an external vendor to address the backlog of software and hardware vulnerabilities in the National Vulnerability Database (NVD). This backlog emerged after NIST announced cutbacks in February 2023, causing delays in the enrichment and processing of new vulnerabilities. NIST, working with the Cybersecurity and Infrastructure Agency (CISA), aims to resume previous processing rates within a few months and clear the backlog by the end of the fiscal year. NIST's funding decreased by 12% this year, affecting its capacity. To improve the NVD program sustainably, NIST is updating technology and processes and emphasizes the need for automation in vulnerability management. CISA has initiated the “Vulnrichment” effort to enhance the information available on vulnerabilities. Experts and former officials stress that restoring NVD functionality is crucial for maintaining cybersecurity defenses.

NIST expects to clear backlog in vulnerabilities database by end of fiscal year therecord.media

Epic has introduced an open-source AI validation tool suite for health systems to use in validating and monitoring machine learning (ML) models integrated into electronic health records (EHR). This tool automates key aspects of the model validation process, making it more accessible to health systems that may not have extensive data science resources. By enabling local clinicians to assess these models, health systems can ensure that the AI models are safe, effective, and appropriate for their specific patient populations. This decentralization empowers end-users to fine-tune models based on local knowledge and need for real-world healthcare environments, potentially establishing Epic as a central platform in healthcare technology.

Empowering individual health systems to validate AI models Byte to Bedside

Microsoft has raised concerns about an increase in cyber attacks targeting internet-exposed operational technology (OT) devices since late 2023. These attacks can compromise industrial processes by manipulating OT system parameters, leading to malfunctions and outages. Microsoft highlighted the importance of enhancing OT security to prevent exploitation, especially given the devices' vulnerability due to weak passwords and outdated software. Recent geopolitical tensions have further heightened risks, with advisories from Rockwell Automation and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) urging protective measures. Additionally, the emergence of malware like Fuxnet demonstrates the destructive potential of such attacks on critical infrastructure.

Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices The Hacker News

Salesforce has experienced a slowdown in growth, with fiscal first-quarter revenue increasing by just 10.7% and a forecasted 7% growth rate for the current period, both falling below Wall Street's expectations. Billings grew by a mere 3%, and the company's current remaining performance obligation rose 9.5%, marking its first single-digit increase. Despite achieving over 32% in adjusted operating margins, the market's focus on top-line growth led to a significant 20% drop in Salesforce’s stock. The broader cloud software industry also faces challenges, as companies like Workday, Snowflake, and others report slower deal closures and increased scrutiny, partly attributed to growing investments in AI.

Salesforce: major deals are taking longer to close, if they close at all. The Wall Street Journal