Petronella Cybersecurity News

Waves are everywhere, even if you don’t see them. In fact, you can’t see them until you observe them- hence the very weird “double-slit” experiment. As patterns go, they extend for what appears to be forever. Don’t believe us? Just ask the fractal (rapidly expanding) universe. Talk about a bad case of entropy! Surprisingly, these […]

It was a dark week in US politics last week, ranging from the storming of the Capitol Building on January 6 to impeachment papers being drafted on the president, for inciting said act. But it’s turning out to be a dark week for others, as well. Take John Matze, for example.  He is the CEO […]

While we don’t have all the data in just yet, one trend that is clear?  Overall Cyber Security in the US in 2020 was just as abysmal as predicted. Despite all the posts we wrote warning our readers that hackers had no shame and would exploit as many Americans working from home this year due […]

With only 8 days in, 2021 boasts a smorgasbord of choices for “Breaking News” headlines. Our favorite?  Bitcoin. The flagship cryptocurrency has hit record milestones, making believers out of many. From Forbes: “The bitcoin price has added a staggering 400% over the last 12 months, climbing as institutional investors warm to the cryptocurrency and payments […]

The breach of the Capitol building this week was both shocking and scary, but what is clear from the pictures that are emerging is that it was not only the physical structure that was violated that day. What we have seen since Wednesday is that the MAGA rioters were able to not only able to […]

Critical Threat Discovered A hardcoded, admin-level backdoor vulnerability (CVE-2020-29583) has been found in over 1000,000 Zyxel firewalls, VPN gateways, and access point controllers.  Discovered by Eye Control researchers, these backdoor accounts can allow bad actors to access your information either via the web administration panel or the SSH interface This flaw is so vulnerable, in […]

With time going by and no real response from the White House regarding the SolarWinds breach, it can be pretty easy to forget about it and move on to the next media cycle.  Because that’s what we tend to do here in the US. However, doing that is just NOT a good idea in this […]

It’s true that the current administration does not appear to be reacting to the massive CozyBear cyber breach it fell victim to this year, but fortunately, it appears that somebody is doing something. Who is that somebody? This little company you may have heard of before; it’s called “Microsoft.”  And if there was ever a […]

We have been reporting for quite a while now that the cyber security within the US government, in general, is just NOT up to par.  The recent breach we have discussed over the last week or so really highlighted that fact.  It was well-known even before this Russian cyberattack but not much has really been […]

The DoD will begin including CMMC cyber security requirements in select solicitations beginning in 2021. Are you ready? It’s really not surprising that the DoD is concerned, especially if you have been following along with our last few blog posts about the massive breach that has compromised major US Governmental departments. As you probably know, […]

Every day, the information we learn about the FireEye hack just keeps getting increasingly worse. Last week we wrote about the hack occurring; yesterday we reported that not only was FireEye impacted, but the US government was, as well… Along with businesses and other governments across the globe; and today, we are starting to understand […]

We wrote last week about the irony of FireEye being successfully infiltrated by hackers, and we cut them some slack because we realized that the attack was highly sophisticated…  FireEye is a $3.5 billion Cyber Security firm that has some big and important clients, like the US government, and though Russia is saying that the […]

GoDaddy employees were the target of a sophisticated (and successful) cyber attack… Again. GoDaddy is THE biggest domain registry across the globe.  In this scam, hackers were able to lure GoDaddy employees into transferring control and/or ownership of specific domains over to them, closely mimicking a ploy conducted in March, in which bad actors used […]

I’m not sure who exactly needs to hear this?  But for those in the back: Hackers.  Have.  No.  Shame. They not only give zero flips that there’s a deadly pandemic raging here in the US, but they are using the vulnerabilities created by virtual class- and boardrooms to their advantage… To extreme degrees. Just ask […]

In “news-that-comes-as-a-surprise-to-absolutely-nobody-paying-attention-but-is-still-noteworthy, Chris Krebs (who has been telling anyone that would listen for over a week now that he knows it’s only a matter of time before he is let go), respected Head of the Cybersecurity and Infrastructure Security Agency (CISA), was fired last night around 7 p.m. via a tweet… exactly two weeks to […]

Based on some confusing and potentially conflicting information we have found, we thought it was extremely important to clarify all expectations that the DoD has of its primes, subs and vendors. From listening to podcasts, watching and attending webinars, and reading any and every publication and white paper we can get our hands on, one […]

Well, isn’t that ironic? It’s not a good look… You peddle in protecting businesses from cyber attacks, only to fall victim to a successful cyber crime, yourself. But to be completely fair, this was a highly sophisticated and systematic attack (payback, perhaps?  That’s pure speculation, by the way!) by what appears to be a concentrated […]

Penalties: Case Studies (An Excerpt from Craig’s newest book: “Ultimate Guide to CMMC: How to Access Millions in Government Contracts”) As we have established, it is clear that the “self-reporting” and “honor system” for government contractors who are required to abide by NIST 800-171 to gain government contracts is NOT working. But just because everyone […]

“CMMC certification is your Driver’s License on the Information Superhighway.” -Katie Arrington And if that’s the case (which it is), then the self-assessment required by the new DFARS Interim Rule is your permit… One that you must attain before December 1st, 2020 if you want to keep your car on the road- or your contract […]

Intrigue. Subterfuge. Deception. Suspense. Is this a new James Patterson novel?  No, but it could very well be…  This is the tale of a new kind of attack – an attack in the Digital Age, where one person, clicking on an expertly-executed devious email and opening an innocuous-looking Google Doc, allowed hackers in 2020 to […]