Newsletter

Is Your Organization Ready for NIST 800-171?

Do you currently have contracts with the United States Department of Defense (DoD), or are you a subcontractor to a prime contractor with DoD contracts? If so, your organization must comply with the National Institute of Standards and Technology’s latest framework, NIST 800-171. NIST 800-171 is designed to provide guidance to non-federal entities- contractors, state governments, federal grant recipients, etc.- to ensure all systems that process, store, or transmit Controlled Unclassified Information (CUI) are secured and hardened.

Read More

32 lawsuits filed against intel for cpu flaws

Over 30 lawsuits have been filed by Intel customers and shareholders following the disclosure of the Meltdown and Spectre attack methods.

According to an annual report submitted by Intel to the U.S. Securities and Exchange Commission (SEC), three class action lawsuits were filed against Intel within one week of the Meltdown & Spectre flaw disclosure, but that numbers reached 32 as of February 15.

Read more »

Group Notifications with Gen7

The foundation of NNT Change Tracker Gen7 is the grouping system. Deployed agents and devices monitored by Change Tracker’s agentless operations are placed into groups which carry monitoring templates for that group.

The grouping system is accumulative in Change Tracker, meaning that a single device can reside in more than one group and so a Change Tracker user can dial in granular coverage for the systems within the organization.

Read more »

pennsylvania city struggles to remediate $1M Cyber attack

The city of Allentown, Pennsylvania is struggling to remediate a recent malware attack that’s said to cost the city nearly $1 million to mitigate.

The city’s local newspaper The Morning Call reported that the city’s critical systems were hit by malware known as Emotet, impacting both financial and public safety operations. According to Mayor Ed Pawlowski, Allentown’s finance department can’t complete any external banking transactions, the city’s 185 surveillance cameras were impacted, and the police department is not able to access the Pennsylvania State Police databases.

Read more »

19m Cali voter records held for ransom

A database on a third party computer server comprised of over 19.5 million Californians voter records was exposed to the public internet before being held for ransom by hackers.

The information, which was obtained from the state for reporting purposes by Newspaper organization, the Sacramento Bee, exposed includes voter’s names, addresses, birth dates, and political affiliation. While this does not constitute as PII by the state, this information is more than enough to aid cybercriminals in convincing phishing campaigns.

Read more »

whitehouse reports cost of cyber attacks

The White House Council of Economic Advisers released a report last Friday that sought to quantify “malicious cyber activity directed at private and public entities”, including denial of service attacks, data breaches, theft of intellectual property, and sensitive financial and strategic information.

The report noted particular concern over attacks on critical infrastructure, including highways, power grids, communication systems, dams, and food production facilities that could lead to negative spillover impacts well beyond the target victims.

 Read more »

New Details Surface in Equifax breach 

New documents provided recently by Equifax to US senators revealed that the breach the company experienced last year may have involved types of data not mentioned in the initial disclosure of the incident.

Last May, malicious hackers exploited a known vulnerability in the Apache Struts development framework to gain unauthorized access to Equifax systems. The vulnerability was patched March 7, the same day it was announced, but Equifax security team failed to install the updates in a timely manner, leaving 143 million individuals to suffer the consequences.

Read more »