CIS Benchmark Blog

Security breaches reported to the Office of the Privacy Commissioner of Canada have skyrocketed since the country introduced its new privacy law on November 1, 2018. 

Two U.S. senators have demanded an investigation into Amazon Web Services to determine whether the cloud provider broke the law by failing to secure infrastructure that was compromised in the recent Capital One breach. 

DLA Piper was recently denied a multimillion-dollar cyber insurance claim following the devastating NotPetya ransomware campaign of 2017.

Typeform, the popular Spanish-based online data collection company that specializes in online forms and surveys, announced on Friday that the company has suffered a data breach that resulted in the exposure of some of its user’s data.

New research has found that out of the 160,000 reported cyber-attacks in 2017, 93 percent of them could have been avoided if basic security measures were in place.

Whole Foods, the popular grocery chain that was recently acquired by Amazon, released a statement Thursday claiming to have suffered from a payment card breach.

Researchers at GuardiCore discovered that a VMWare API can be abused by vSphere users with limited privileges to access the guest operating system without authentication.

A new kind of malware with the ability to take down an entire city’s electrical and power grid has been detected.

A new report released by Kaspersky Lab shows that the number of cyber-attacks using flaws in software increased by nearly 25 percent, to over 702 million attempts last year.

Given the recent revelation regarding InterContinental Hotel Group and the breach of 1,200 of its locations, it’s time for the hospitality industry to follow suit and conduct a top to bottom review of their security defenses.

The home improvement supplies retailer who experienced a massive data breach in 2014, resulting in the exposure of more than 50 million customers personal information, has agreed to pay a settlement of $25 million for damages.

According to a survey conducted by Dimensional Research, security frameworks are seeing an increase in adoption rates, with the Center for Internet Security CIS Controls ranked as the leading framework in use.

According to a recent audit report by the Western Australian Auditor General, Colin Murphy, seven different government agencies are not adequately protecting sensitive information from attack.

Every day there seems to be a new victim of a massive data breach, making them seem more normal than ever before.

Patch management - two words that are vital to cybersecurity, but that rarely generate enough attention.

Good news - NNT Change Tracker Enterprise version 7 has satisfied the requirements of CIS Security Software Certification and has now been awarded CIS Security Software Certification for the following CIS Benchmarks:

Those enrolled in United Airlines' MileagePlus program should change their password as a precaution against hackers. It's a reminder that multiple uses of the same username and password combination may be storing up trouble for the future.

The Center for Internet Security (CIS) has now awarded NNT new Security Software Certifications for the following CIS Benchmarks.

NNT becoming an OVAL Adopter now means Change Tracker Enterprise V6.5 can not only use OVAL checklists to run Compliance Reports and score a device for compliance but that a monitoring Template can also be generated to provide continuous compliance monitoring.