Reusing Passwords on Multiple Sites

Two high profile breaches have resurfaced in the media again along with a newly announced breach. LinkedIn was breached in 2012, Tumblr in 2013 and most recently MySpace in June 2016.  If you had accounts at any of these sites, you may have been advised to change your password, and as a good cyber citizen, you probably logged on and made the obligatory password change.  But did you think through the consequences?

This entry was posted in Uncategorized, passwords, password security on June 15, 2016 by Kimberly K

Benchmarks-for-Windows Updates

By Jordan C. Rakoske

We have exciting news about our Windows releases! Over the past year and a half, our Windows community has worked very hard reviewing all of the benchmarks that we had previously released as well as focusing on the new upcoming line of Windows OS's (Windows 10 and Server 2016). Our First big updates released were our Windows 8.1 v2.0.0, Server 2012 R2 v2.0.0, and Windows 10 v1.0.0. Since then we have spent months reviewing all of the new and old Windows settings across all of our Windows Benchmarks. We worked closely with Aaron Margosis and Rick Munck from Microsoft to answer any technical questions that came up in the community and to help address some items within Microsoft Group Policy Templates.

This entry was posted in Benchmarks Community Updates, Uncategorized on May 10, 2016 by Chad R


by Dilan Samarasinghe, SOC Analyst


MS-ISAC has recently observed an increase in malware that is most often disseminated through malvertising. Malvertising, or malicious advertising, is the use of online, malicious advertisements to spread malware and compromise systems. Generally this occurs through the injection of unwanted or malicious code into ads. Malicious actors then pay legitimate online advertising networks to display the infected ads on various websites, exposing every user visiting these sites to the potential risk of infection. Generally, the legitimate advertising networks and websites are not aware they are serving malicious content.

This entry was posted in Uncategorized, Threats & Vulnerabilities, Malvertising on April 28, 2016 by Chad R

CIS Community Newsletter - April 19, 2016

CIS Community Newsletter 

1. Benchmark Participation Needed for NGINX, Palo Alto and Cisco ASA

Your feedback and participation helps ensure that CIS Benchmarks continue to reflect security best practice. All contributors will receive attribution in the associated Benchmark and are eligible to earn CPE credits toward maintaining (ISC)2 certifications. We’re looking for help in the following areas:

• Palo Alto Networks – Editors and contributors needed to provide feedback and test draft benchmark

• NGINX – Editors and contributors needed to define scope, draft the benchmark, test and provide feedback

• Cisco ASA – Editors and contributors needed update existing benchmark, test and provide feedback

This entry was posted in Benchmarks Community Updates, Uncategorized on April 19, 2016 by Chad R

New Year’s Resolutions for a CISO

New Year’s Resolutions for a CISO

By the I&AWG

Every January 1st we take a few minutes to reevaluate our lives and where we want to be, and then create (occasionally) realistic resolutions to make our lives healthier or happier. It’s a tradition. A week or a month or two later we skip, slide, and forget about these resolutions until another January 1st rolls around and reminds us that we were going to do something.

So here we are, beginning February, the traditional time when resolutions start to slip, with a few new ones for you. While the following 15 resolutions won’t get you to an exotic island or help you hit the gym more often, hopefully, these will bring some happiness and ease into your work as a CISO. So pick a few (or take on them all!) and hop onto the bandwagon to do more this year with these easy (easier) resolutions that will make a difference in 2016. (There is also a handy one-page printable version that you can hang as a reminder or print and put by the water cooler to get everyone on board with improving cybersecurity.)

This entry was posted in Uncategorized, Resolution, CISO on February 12, 2016 by Chad R

What is Cyber Threat Intelligence?

by Intel & Analysis Working Group

This blog is the first of several by the Multi-State Information Sharing and Analysis Center’s (MS-ISAC) Intel & Analysis Working Group (I&AWG) on Cyber Threat Intelligence and intelligence analysis. Starting with this blog we will explore what is cyber threat intelligence, and examine what it is used for, its value to MS-ISAC members, the difficulties inherent in developing cyber threat intelligence, and the varying components of intelligence, such as Words of Estimative Probability.

Cyber threat intelligence is what cyber threat information becomes once it has been collected, evaluated in the context of its source and reliability, and analyzed through rigorous and structured tradecraft techniques by those with substantive expertise and access to all-source information. Like all intelligence, cyber threat intelligence provides a value-add to cyber threat information, which reduces uncertainty for the consumer, while aiding the consumer in identifying threats and opportunities. It requires that analysts identify similarities and differences in vast quantities of information and detect deceptions to produce accurate, timely, and relevant intelligence.

This entry was posted in Uncategorized, intelligence analysis, cyber threat intelligence, MS-ISAC on October 26, 2015 by Amanda B

Securing Internet-Connected Video Devices

Ben Spear, Intel Cyber Analyst

This entry was posted in Uncategorized, Threats & Vulnerabilities on December 05, 2014 by Chad R

Cyber Security is Our Shared Responsibility Celebrate National Cyber Security Awareness Month and Help Make a Difference in Improving Security

National Cyber Security Awareness Month (NCSAM) kicked-off in Nashville this morning with a launch event featuring the U.S. Department of Homeland Security, the Center for Internet Security/Multi-State ISAC, the National Association of Chief Information Officers, the National Cyber Security Alliance and many other partners, who gathered to celebrate the eleventh year of Awareness Month.

This entry was posted in Uncategorized on October 01, 2014 by Chad R

WordPress Pingback Feature being used in DDoS Attacks

WordPress Pingback Feature being used in DDoS Attacks

This entry was posted in Uncategorized on March 21, 2014 by Chad R

2014 Cyber Threat Outlook for SLTT Governments

Written by Stacey Wright, Senior Security Intelligence Analyst

This entry was posted in Uncategorized on February 19, 2014 by Chad R