Two distinct vulnerabilities dubbed Meltdown and Spectre potentially affect almost every system1.  In a world that is already saturated with cyberattacks and vulnerabilities, it is easy to succumb to cyber threat fatigue when discussing two new outbreaks.  Even though there have been no confirmed reports of attacks that have taken advantage of these newly exposed vulnerabilities, they are highly concerning.  That is because they involve the CPU, the fundamental building block of the internet, corporate networks and PCs.
What is the Risk?
Data is constantly running through spaces within CPUs and system memory in raw and unencrypted form.  Fortunately, there are protections to protect this data and prevent it from being observed or inadvertently accessed.  A CPU requires permission to implement a task in the same manner a user requires permission to run an application or access a file. The problem is that 22 years ago, someone decided to rush the processes implemented by the CPU in order to make it faster.  
Halock Newsletter Template Landing page,
Halock Newsletter Template Landing page,
Ann & Robert H. Lurie Children’s Hospital of Chicago: Step Up for Kids & Team HALOCK Heroes
Our families are climbing the AON Center in support of the Family Services Department of Ann & Robert H. Lurie Children’s Hospital of Chicago. Help the cause by climbing with us, donating, or spreading the word.

Every bit helps, did you know that just a few dollars can provide so much: 
$35: Beads of Courage starter kit for a child with cancer
$60: Adaptive toy for children with special needs and disabilities to use during play and therapy sessions
$240: Two days of Rainbow Dog pet therapy for patients  
Our son’s care and treatment at Lurie’s was the saving grace during a difficult time. They took care of the whole family. We are forever grateful to them. I’m happy to have our son joining us for our climb,” expressed Cindy Kaplan, HALOCK Heroes.  
Halock Newsletter Template Landing page,
Halock Newsletter Template Landing page,
3...2...February 1, 2018 Are you ready for PCI DSS 3.2? 
With the release of version 3.2 of the PCI DSS, 9 new requirements were introduced. These new requirements were introduced to the standard to ensure that it is up to date with emerging threats and changes in the market. These 9 new PCI DSS 3.2 requirements are best practices until January 31, 2018, after which it becomes a full compliance requirement. 
Did you know?
  • Even if your validation date is not until later in the year, your organization is expected to have these requirements in place by February 1st
  • Only 2 of these new requirements apply to PCI Merchants – the other 7 only apply to PCI Service Providers
  • You may need to budget for additional multi-factor authentication or additional penetration testing (for PCI Service Providers)
Here’s a quick look at the new requirements that need to be addressed by February 1st, 2018.

Halock Newsletter Template Landing page,
Halock Newsletter Template Landing page,
Halock Newsletter Template Landing page,
8 Things to Help Make Your 2018 Penetration Testing a Success
From a macro point of view, 2017 was a rough year when it comes to cybersecurity.  As spring turned into summer last year, we watched the WannaCry and NotPetya malware viruses implement global infestation, creating lost productivity that negatively affected both quarterly earnings and stock prices, costing some companies billions.  The massive Equifax breech in the fall compromised the data of nearly one-half of the U.S. population in some way as 2017 saw a 20% increase in data breaches.  The fact is that the volume and magnitude of cyberattacks is growing year over year. 
Halock Newsletter Template Landing page,
JAN 25, 2018
Midwest Cyber Security Alliance - Incident Response Plan
Presenter: Glenn Stout
FEB 13, 2018
Duty of Care Risk Analysis: Getting consensus from legal, information security, and executive management.
Presenter: Terry Kurzynski
June 6, 2018
CISO Executive Summit
Chicago, IL
June 12, 2018
SecureXII ISSA & ISACA Conference
June 12-14, 2018
Cyber Risk Summit
Philadelphia, PA
Panel: Getting to "Reasonable Cyber Risk" 
Moderator: Chris Cronin
Sept 25-26, 2018                                                                         
Forrester Privacy & Security 2018                      Washington, DC                                                       
HALOCK Security Labs
1834 Walden Office Square | Suite 200 | Schaumburg, IL 60173
P: 844.570.4666 | INCIDENT RESPONSE HOTLINE 800.925.0559
© 2018 HALOCK Security Labs. All rights Reserved.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.