Latest news with #MITRE
Business Wire
6 days ago
- Business
- Business Wire
Post-Quantum Cryptography Coalition Unveils PQC Migration Roadmap
MCLEAN, Va. & BEDFORD, Mass.--(BUSINESS WIRE)--The Post-Quantum Cryptography Coalition (PQCC) released its Post-Quantum Cryptography (PQC) Migration Roadmap to assist organizations of all sizes in navigating the complexities of transitioning to quantum-safe cryptography. 'As quantum computing technology continues to advance, organizations cannot afford to delay preparing for these transformative changes and threats to their security,' said Wen Masters, vice president of cyber technologies, MITRE. Share 'As quantum computing technology continues to advance, organizations cannot afford to delay preparing for these transformative changes and threats to their security,' said Wen Masters, vice president of cyber technologies, MITRE. "This roadmap empowers CIOs (chief information officers) and CISOs (chief information security officers) to act decisively, taking proactive steps to protect sensitive data now and in the future.' Key features of the PQC Migration Roadmap include: Preparation: Learn how to identify relevant stakeholders, assess vulnerabilities, and align organizational goals with migration timelines. Baseline Understanding: Develop an inventory of cryptographic assets and prioritize critical resources. Planning and Execution: Acquire or develop quantum-safe solutions and implement them with precision. Monitoring and Evaluation: Establish robust tracking measures and continuously assess cryptographic security as quantum threats evolve. Building on the National Institute of Standards and Technology PQC standards and the National Cybersecurity Center of Excellence PQC migration project, the coalition's roadmap allows organizations to quickly and easily tailor a PQC Roadmap for their own needs based on the shared experiences of the PQCC members. 'I'm overjoyed to see the coalition come together to create this roadmap that anyone can use to accelerate their own PQC migration,' said Matt Mickelson, lead coordinator of the PQC Coalition and senior cyber principal for science and technology, MITRE. Download the PQC Migration Roadmap to gain insights into how your organization can prepare for the future of quantum-safe security. For more updates, visit to see the state of the migration on the PQC heatmap, and look for a tailorable PQC inventory workbook tool to be released soon. Organizations or individuals that wish to participate in the coalition can visit or contact pqcc-registration-list@ About the Post-Quantum Cryptography Coalition The PQCC is a global community of technologists, researchers, and cybersecurity experts dedicated to providing critical outreach and education to support PQC migration and to bolster efforts to establish and implement interoperable standards and technology. Founded by IBM Quantum, Microsoft, MITRE, PQShield, and SandboxAQ, the coalition brings together more than 125 leading contributors from diverse organizations working to secure the digital landscape. About MITRE MITRE's mission-driven teams are dedicated to driving solutions to our nation's most pressing challenges. As a not-for-profit research and development organization, MITRE's staff leverage our unique multi-sponsor vantage point, systems expertise, and innovative solutions to ensure the health, prosperity, and security of our nation.
Associated Press
6 days ago
- Business
- Associated Press
Post-Quantum Cryptography Coalition Unveils PQC Migration Roadmap
MCLEAN, Va. & BEDFORD, Mass.--(BUSINESS WIRE)--May 28, 2025-- The Post-Quantum Cryptography Coalition (PQCC) released its Post-Quantum Cryptography (PQC) Migration Roadmap to assist organizations of all sizes in navigating the complexities of transitioning to quantum-safe cryptography. 'As quantum computing technology continues to advance, organizations cannot afford to delay preparing for these transformative changes and threats to their security,' said Wen Masters, vice president of cyber technologies, MITRE. 'This roadmap empowers CIOs (chief information officers) and CISOs (chief information security officers) to act decisively, taking proactive steps to protect sensitive data now and in the future.' Key features of the PQC Migration Roadmap include: Building on the National Institute of Standards and Technology PQC standards and the National Cybersecurity Center of Excellence PQC migration project, the coalition's roadmap allows organizations to quickly and easily tailor a PQC Roadmap for their own needs based on the shared experiences of the PQCC members. 'I'm overjoyed to see the coalition come together to create this roadmap that anyone can use to accelerate their own PQC migration,' said Matt Mickelson, lead coordinator of the PQC Coalition and senior cyber principal for science and technology, MITRE. Download the PQC Migration Roadmap to gain insights into how your organization can prepare for the future of quantum-safe security. For more updates, visit to see the state of the migration on the PQC heatmap, and look for a tailorable PQC inventory workbook tool to be released soon. Organizations or individuals that wish to participate in the coalition can visit or contact [email protected]. About the Post-Quantum Cryptography Coalition The PQCC is a global community of technologists, researchers, and cybersecurity experts dedicated to providing critical outreach and education to support PQC migration and to bolster efforts to establish and implement interoperable standards and technology. Founded by IBM Quantum, Microsoft, MITRE, PQShield, and SandboxAQ, the coalition brings together more than 125 leading contributors from diverse organizations working to secure the digital landscape. About MITRE MITRE's mission-driven teams are dedicated to driving solutions to our nation's most pressing challenges. As a not-for-profit research and development organization, MITRE's staff leverage our unique multi-sponsor vantage point, systems expertise, and innovative solutions to ensure the health, prosperity, and security of our nation. View source version on Media:Jordan Graham or Lisa Fasold,[email protected] KEYWORD: VIRGINIA MASSACHUSETTS UNITED STATES NORTH AMERICA INDUSTRY KEYWORD: DATA MANAGEMENT TECHNOLOGY SEMICONDUCTOR SECURITY OTHER TECHNOLOGY SOFTWARE ARTIFICIAL INTELLIGENCE NETWORKS INTERNET MOBILE/WIRELESS HARDWARE SOURCE: MITRE Copyright Business Wire 2025. PUB: 05/28/2025 09:43 AM/DISC: 05/28/2025 09:42 AM
Mid East Info
19-05-2025
- Mid East Info
AUS engineering undergraduate uncovers critical security flaw in Python library, PyCel - Middle East Business News and Information
Adham Elmosalamy, a computer science and engineering student from the College of Engineering at American University of Sharjah (AUS), recently discovered a critical security vulnerability in PyCel, an open-source Python library used to process Excel files. The vulnerability has since been officially added to the global Common Vulnerabilities and Exposures (CVE) database maintained by the US-based MITRE Corporation, a not-for-profit organization that plays a critical role in global cybersecurity. Most CVEs are reported by professional researchers, cybersecurity firms or PhD-level academics, which makes Elmosalamy's contribution particularly notable. 'This is a significant achievement that speaks to the quality of students we nurture at AUS,' said Dr. Fadi Aloul, Dean of CEN. 'Being assigned a CVE by MITRE is akin to earning a black belt in cybersecurity—a sign of exceptional skill. For an undergraduate to reach this level is remarkable. We are very proud of Elmosalamy's positive impact in the global cybersecurity domain.' Elmosalamy first identified the issue in November 2024 during an independent review of open-source libraries. Within days, he developed a proof-of-concept and submitted a detailed report to MITRE. MITRE then validated the findings and assigned the official CVE number CVE-2024-53924. This number is a standardized identifier that can be used by developers, software engineers and other professionals around the world to track and respond to publicly disclosed cybersecurity flaws in software. Elmosalamy's CVE-2024-53924 is known as a code execution vulnerability—one of the most severe types of software security risks. It affects users of PyCel who open untrusted Excel files, potentially allowing attackers to execute malicious code on their systems. It was assigned a CVSS severity score of 9.8/10, classifying it as 'critical' by the National Institute of Standards and Technology (NIST), which is responsible for evaluating and scoring CVEs through its National Vulnerability Database. Since assigning the CVE, MITRE has contacted the software vendors to fix the vulnerability. As of April 17, it began publicizing the issue to try to protect all users vulnerable to the software. 'This is my first CVE, which is very special to me. It's incredibly rewarding to see my knowledge applied in a way that contributes to securing our cyber infrastructure,' said Elmosalamy. 'This milestone reflects the many hours I've dedicated to learning and practicing cybersecurity, and I hope it encourages other students to explore this vital field. An AUS student first inspired me during my freshman year—someone whose passion left a lasting impression despite graduating that same semester. Since then, I've dedicated myself to creating a thriving cybersecurity community at AUS and competed in the Collegiate Penetration Testing Competition (CPTC) for three consecutive years. In 2022, I reached the finals in Rochester, New York. I later founded the Society of Cybersecurity (SOC) in 2023, through which I hosted 27 events over three semesters, from industry talks to bootcamps and an outreach workshop for high schoolers. Today, Elmosalamy is studying and AUS and working at CTFAE, a startup founded by AUS alumni, where he has built new products and helped organize major events, including the Guinness World Record-holding BlackHat Middle East cybersecurity conference in Riyadh. 'I'm deeply committed to establishing AUS as a regional leader in cybersecurity education, and I hope to see the university offer more specialized courses in areas like digital forensics, threat hunting and cryptography in future,' he said. Elmosalamy has published a technical explanation of his findings on GitHub, along with a video demonstration, to raise awareness among developers and end-users alike. CEN offers talented students a range of programs that prepare them for cutting-edge careers in technology and cybersecurity, including the Bachelor of Science in Computer Engineering, Bachelor of Science in Computer Science, Master of Science in Computer Engineering (MSCOE) and the PhD in Electrical and Computer Engineering (PhD-ECE). The college's programs equip students with a strong foundation in IT, engineering and cybersecurity, and give them a competitive edge by incorporating emerging topics such as AI and machine learning—part of the college's recent CEN 2.0 curriculum enhancements. About AUS: American University of Sharjah (AUS) was founded in 1997 by His Highness Sheikh Dr. Sultan Bin Muhammad Al Qasimi, Member of the Supreme Council of the United Arab Emirates and Ruler of Sharjah. Sheikh Sultan articulated his vision of a distinctive institution against the backdrop of Islamic history and in the context of the aspirations and needs of contemporary society in the UAE and the Gulf region. Firmly grounded in principles of meritocracy and with a strong reputation for academic excellence, AUS has come to represent the very best in teaching and research, accredited internationally and recognized by employers the world over for creating graduates equipped with the knowledge, skills and drive to lead in the 21st century. AUS values learners not driven only by academic success, but by those that embrace our dynamic campus life and embody our ideals of openness, tolerance and respect. This combination of academic excellence and community spirit ensures AUS is filled with world-class faculty and students, poised to become the innovators, thinkers, contributors and leaders of tomorrow.
Sharjah 24
19-05-2025
- Sharjah 24
AUS undergraduate uncovers security flaw in Python library, PyCel
The vulnerability has been officially added to CVE database The vulnerability has since been officially added to the global Common Vulnerabilities and Exposures (CVE) database maintained by the US-based MITRE Corporation, a not-for-profit organization that plays a critical role in global cybersecurity. Most CVEs are reported by professional researchers, cybersecurity firms or PhD-level academics, which makes Elmosalamy's contribution particularly notable. 'This is a significant achievement that speaks to the quality of students we nurture at AUS,' said Dr. Fadi Aloul, Dean of CEN. 'Being assigned a CVE by MITRE is akin to earning a black belt in cybersecurity—a sign of exceptional skill. For an undergraduate to reach this level is remarkable. We are very proud of Elmosalamy's positive impact in the global cybersecurity domain.' First identified the issue in November 2024 Elmosalamy first identified the issue in November 2024 during an independent review of open-source libraries. Within days, he developed a proof-of-concept and submitted a detailed report to MITRE. MITRE then validated the findings and assigned the official CVE number CVE-2024-53924. This number is a standardized identifier that can be used by developers, software engineers and other professionals around the world to track and respond to publicly disclosed cybersecurity flaws in software. Elmosalamy's CVE-2024-53924 is known as a code execution vulnerability—one of the most severe types of software security risks. It affects users of PyCel who open untrusted Excel files, potentially allowing attackers to execute malicious code on their systems. It was assigned a CVSS severity score of 9.8/10, classifying it as 'critical' by the National Institute of Standards and Technology (NIST), which is responsible for evaluating and scoring CVEs through its National Vulnerability Database. Since assigning the CVE, MITRE has contacted the software vendors to fix the vulnerability. As of April 17, it began publicising the issue to try to protect all users vulnerable to the software. 'This is my first CVE, which is very special to me' 'This is my first CVE, which is very special to me. It's incredibly rewarding to see my knowledge applied in a way that contributes to securing our cyber infrastructure,' said Elmosalamy. 'This milestone reflects the many hours I've dedicated to learning and practicing cybersecurity, and I hope it encourages other students to explore this vital field. An AUS student first inspired me during my freshman year—someone whose passion left a lasting impression despite graduating that same semester. Since then, I've dedicated myself to creating a thriving cybersecurity community at AUS and competed in the Collegiate Penetration Testing Competition (CPTC) for three consecutive years. In 2022, I reached the finals in Rochester, New York. I later founded the Society of Cybersecurity (SOC) in 2023, through which I hosted 27 events over three semesters, from industry talks to bootcamps and an outreach workshop for high schoolers. Today, Elmosalamy is studying and AUS and working at CTFAE, a startup founded by AUS alumni, where he has built new products and helped organize major events, including the Guinness World Record-holding BlackHat Middle East cybersecurity conference in Riyadh. 'I'm deeply committed to establishing AUS as a regional leader in cybersecurity education' 'I'm deeply committed to establishing AUS as a regional leader in cybersecurity education, and I hope to see the university offer more specialized courses in areas like digital forensics, threat hunting and cryptography in future,' he said. Elmosalamy has published a technical explanation of his findings on GitHub, along with a video demonstration, to raise awareness among developers and end-users alike. CEN offers talented students a range of programs that prepare them for cutting-edge careers in technology and cybersecurity, including the Bachelor of Science in Computer Engineering, Bachelor of Science in Computer Science, Master of Science in Computer Engineering (MSCOE) and the PhD in Electrical and Computer Engineering (PhD-ECE). The college's programs equip students with a strong foundation in IT, engineering and cybersecurity, and give them a competitive edge by incorporating emerging topics such as AI and machine learning—part of the college's recent CEN 2.0 curriculum enhancements.
Associated Press
15-05-2025
- Business
- Associated Press
Pierce Aerospace and MITRE Partner to Advance Remote ID Research and Development
Pierce Aerospace and MITRE Partner to Advance Remote ID Research and Development 'MITRE is proud to partner with Pierce Aerospace to advance critical initiatives in homeland and national security.'— Yosry Barsoum FISHERS, IN, UNITED STATES, May 15, 2025 / / -- Pierce Aerospace announced that it has executed a memorandum of understanding with MITRE to advance research and the state of the art of unmanned aircraft system (UAS) remote identification. The new collaboration between Pierce Aerospace and MITRE will see Pierce Aerospace's Remote ID sensors installed at the MITRE National Range for remote identification and UAS-related research purposes. The two organizations also will collaborate to advance airspace detection, UAS/autonomy operations, and homeland security capabilities. 'MITRE has always been at the forefront of supporting the public safety sector and the United States through their research and development in support of the Department of Defense, Department of Homeland Security, and Department of Transportation,' said Aaron Pierce, chief executive officer, Pierce Aerospace. 'We previously engaged with MITRE in testing and evaluation of our Remote ID sensors and capabilities. It made logical sense to further the relationship so we can continue to advance research and development with MITRE in support of the public safety sector and the U.S. government, particularly as we continue to advance the state of the art of UAS remote identification.' The new collaboration between Pierce Aerospace and MITRE focuses on using scientific research and experimentation to address real-world challenges from the increased use of unmanned systems. Allowing academia, government, and industry to collaborate on advancing mission priorities through prototyping and experimentation, the MITRE National Range provides an ideal location to learn, develop, and test capabilities to enhance homeland and national security measures that serve the public interest. 'MITRE is proud to partner with Pierce Aerospace to advance critical initiatives in homeland and national security. Our mission is to enhance capabilities in ways that are both effective and safe,' said Yosry Barsoum, vice president and director of the Center for Securing the Homeland at MITRE. 'By working across industry, federal agencies, and academia, MITRE is uniquely positioned to understand how emerging technologies align with mission objectives. This collaboration between the MITRE National Range and Pierce Aerospace is a vital step in transforming airspace management, ensuring public safety for drone operators and hobbyists, and strengthening our ability to respond to evolving threats.' 'In the last year, we've advanced our Remote ID capabilities and demonstrated that broadcast Remote ID can serve as a fundamental infrastructure that supports an economical path toward UAS integration into the National Airspace System (NAS),' added Pierce. 'With MITRE we intend to continue to push the envelope of research and deliver solutions that aid in the safe and secure integration of drones into the NAS.' About Pierce Aerospace Pierce Aerospace, a Techstars-backed company, is a dual-use IoT and aerospace company and drone Remote ID service provider focused on robust integration of Remote ID services into the UAS ecosystem. As an industry leader, Pierce Aerospace serves on the FAA's Drone Safety Team, ASTM F38 Committee on Unmanned Aircraft Systems, and the FAA Detection and Mitigation Advanced Rulemaking Committee. Funds from the U.S. Air Force and the State of Indiana support Pierce Aerospace's Remote ID technology, which was nominated as Indiana's Innovation of the Year by Techpoint and awarded first place in Remote ID technology at the Association for Uncrewed Vehicle Systems International's Excellence Awards. Pierce Aerospace was awarded the Techpoint Mira Award as Indiana's most innovative tech team. The company is headquartered in Indianapolis, Indiana, the racing capital of the world. Visit About MITRE MITRE's mission-driven teams are dedicated to driving solutions to our nation's most pressing challenges. As a not-for-profit research and development organization, MITRE's staff leverage our unique multi-sponsor vantage point, systems expertise, and innovative solutions to ensure the health, prosperity, and security of our nation. Media: Pierce Aerospace, [email protected] MITRE, Lisa Fasold, [email protected] Aaron Pierce Pierce Aerospace +1 317-286-2919 email us here Visit us on social media: LinkedIn Legal Disclaimer: EIN Presswire provides this news content 'as is' without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.
