8042124352
JAN 2018
 |
 |
 |
 |
WHY THE MELTDOWN/SPECTRE VULNERABILITIES ARE IMPORTANT TO YOU
Two distinct vulnerabilities dubbed Meltdown and Spectre potentially affect almost every system1. In a world that is already saturated with cyberattacks and vulnerabilities, it is easy to succumb to cyber threat fatigue when discussing two new outbreaks. Even though there have been no confirmed reports of attacks that have taken advantage of these newly exposed vulnerabilities, they are highly concerning. That is because they involve the CPU, the fundamental building block of the internet, corporate networks and PCs.
What is the Risk?
Data is constantly running through spaces within CPUs and system memory in raw and unencrypted form. Fortunately, there are protections to protect this data and prevent it from being observed or inadvertently accessed. A CPU requires permission to implement a task in the same manner a user requires permission to run an application or access a file. The problem is that 22 years ago, someone decided to rush the processes implemented by the CPU in order to make it faster.
DOWNLOAD INFOSEC TIP POSTERS
 |
 |
Ann & Robert H. Lurie Children’s Hospital of Chicago: Step Up for Kids & Team HALOCK Heroes
Our families are climbing the AON Center in support of the Family Services Department of Ann & Robert H. Lurie Children’s Hospital of Chicago. Help the cause by climbing with us, donating, or spreading the word.
Every bit helps, did you know that just a few dollars can provide so much:
$35: Beads of Courage starter kit for a child with cancer
$60: Adaptive toy for children with special needs and disabilities to use during play and therapy sessions
$240: Two days of Rainbow Dog pet therapy for patients
“Our son’s care and treatment at Lurie’s was the saving grace during a difficult time. They took care of the whole family. We are forever grateful to them. I’m happy to have our son joining us for our climb,” expressed Cindy Kaplan, HALOCK Heroes.
|
 |
3...2...February 1, 2018 Are you ready for PCI DSS 3.2?
With the release of version 3.2 of the PCI DSS, 9 new requirements were introduced. These new requirements were introduced to the standard to ensure that it is up to date with emerging threats and changes in the market. These 9 new PCI DSS 3.2 requirements are best practices until January 31, 2018, after which it becomes a full compliance requirement.
Did you know?
- Even if your validation date is not until later in the year, your organization is expected to have these requirements in place by February 1st
- Only 2 of these new requirements apply to PCI Merchants – the other 7 only apply to PCI Service Providers
- You may need to budget for additional multi-factor authentication or additional penetration testing (for PCI Service Providers)
Here’s a quick look at the new requirements that need to be addressed by February 1st, 2018.
 |
|
 |
8 Things to Help Make Your 2018 Penetration Testing a Success
From a macro point of view, 2017 was a rough year when it comes to cybersecurity. As spring turned into summer last year, we watched the WannaCry and NotPetya malware viruses implement global infestation, creating lost productivity that negatively affected both quarterly earnings and stock prices, costing some companies billions. The massive Equifax breech in the fall compromised the data of nearly one-half of the U.S. population in some way as 2017 saw a 20% increase in data breaches. The fact is that the volume and magnitude of cyberattacks is growing year over year.
|
EVENTS
| DATE | EVENT | DETAILS |
| JAN 25, 2018 | Midwest Cyber Security Alliance - Incident Response Plan | Presenter: Glenn Stout . |
| FEB 13, 2018 | Duty of Care Risk Analysis: Getting consensus from legal, information security, and executive management. Presenter: Terry Kurzynski | |
| June 6, 2018 | CISO Executive Summit Chicago, IL | . . |
| June 12, 2018 | SecureXII ISSA & ISACA Conference | |
| June 12-14, 2018 | NetDiligence Cyber Risk Summit Philadelphia, PA | Panel: Getting to "Reasonable Cyber Risk" Moderator: Chris Cronin |
| Sept 25-26, 2018 | Forrester Privacy & Security 2018 Washington, DC | . |
HALOCK Security Labs
1834 Walden Office Square | Suite 200 | Schaumburg, IL 60173
P: 8042124352
https://www.halock.com
1834 Walden Office Square | Suite 200 | Schaumburg, IL 60173
P: 8042124352
https://www.halock.com
© 2018 HALOCK Security Labs. All rights Reserved.