Version 1.1 includes updates on authentication and identity, self-assessment, supply-chain security and vulnerability disclosure, among other changes.

Former AT&T CSO, Ed Amoroso, says government needs to shift from talk to action when it comes to cybersecurity.

The news of the week is discussed, including this week’s Microsoft Malware Protection Engine bug, Handbrake OS X malware, the HP keylogger, Trump’s Cybersecurity EO, and more.

NIST’s latest password guidelines focus less on length and complexity of secrets and more on other measures such as 2FA, throttling, and blacklists.

NIST has made a public plea for submissions for new crypto algorithms that can stand up against quantum computing and protect data.

Mike Mimoso and Chris Brook discuss the news of the week, including a wireless keyboard vulnerability – KeySniffer, NIST’s statement on 2FA, a LastPass remote compromise bug, and a new Tor paper. Download: Threatpost_News_Wrap_July_29_2016.mp3 Music by Chris Gonsalves

A U.S. government agency said the end is nigh for SMS-based two-factor authentication, citing a lack of security around the feature. The latest draft version of the Digital Authentication Guideline issued this week by the U.S. National Institute for Standards and Technology (NIST) said the practice would soon be discouraged. The Digital Authentication Guideline sets the rules that...