NIST 800-171 Compliance actually means DFARS Cybersecurity requirements must be met. The NIST 800-171 requirements have always vexed small manufacturers due to the specific wordiness, so the NIST (National Institute of Standards and Technology) has been trying to make this easier to understand with the following pdf: https://nvlpubs.nist.gov/nistpubs/hb/2017/NIST.HB.162.pdf This is an important paragraph: from pdf Executive … Read more
This could make many “thought safe” Wi-Fi routers not so Here is where paying attention to new attacks is important. hashcat.net has the information: This attack does not even need a full EAPOL 4-way handshake, EAPOL stands for Extensible Authentication Protocol(EAP) over LAN. A simple 4-way handshake is shown pictorially below (from hitchhikersguidetolearning.com) This means that … Read more
This document was updated and created to protect CUI – Controlled Unclassified Information for all government entities. So if you want to have a contract with the government you better have a plan in place. Due to Executive order 13556 (Nov 4, 2010), Controlled Unclassified Information program to standardize unclassified information and designated the NARA … Read more
53 vulnerabilities in today’s Patch Tuesday There is a Dashboard set up by Morphus Labs 3 publicly disclosed and 17 critical. It is always important to keep up on your patching regimen, as today’s vulnerabilities become more and more dangerous in the future. But one has to assess the current and older vulnerabilities with what … Read more
So the Criminal hackers have to get more sophisticated as some networks are patching their devices. You must have heard of the Casino that got breached through a thermometer in the fish tank? We get excited with new capabilities of Internet connectivity. But unfortunately we forget that a Cybersecurity weak device can open doors … Read more
