Educause Security Discussion mailing list archives

Re: neuralgic.net


From: Paul Chauvet <chauvetp () NEWPALTZ EDU>
Date: Thu, 11 Feb 2016 00:57:15 +0000

We also received a notice from them, and it let us know about one of our WordPress sites (that is not managed by the 
normal server group) that was out of date.


As others have said, it was a valid report and was useful, but still surprising to see it out of the blue like that.

It was sent to our technical and administrative contacts on our whois record.


Paul Chauvet

Information Security Officer

State University of New York at New Paltz

845-257-3828

chauvetp () newpaltz edu



________________________________
From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Hillhouse, Bob 
(Bob) <bob () UTK EDU>
Sent: Wednesday, February 10, 2016 12:06 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] neuralgic.net

We received the same notice and did a bit of investigation into both the monitoring service and the findings of the 
report. It was accurate. It's also pretty revealing when you look at the reports for other universities and government 
agencies that have been hacked.

We didn't seek out the service but pursue the findings.

-
Bob Hillhouse, CISSP
Associate CIO & Chief Information Security Officer
The University of Tennessee, Knoxville
bob () utk edu
865-406-8981 (cell)
865-974-8445 (office)

Keep your NetID information secure. Don't reply to any email or click on a link that asks for your personal 
information. Report any suspicious requests to the OIT HelpDesk at (865) 974-9900.

From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of "Frazier, William S [ITSYS]" <frazier () IASTATE EDU>
Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Wednesday, February 10, 2016 at 10:48 AM
To: <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] neuralgic.net

We got this today.  Sent to our admin and tech mailing addresses.  I don't believe it is something we sought but we are 
going to validate and, if valid, pursue.

Bill
----------------------------------------------
William Frazier
Iowa State University
frazier () iastate edu


From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Patricia Malek <pamalek () LOYOLA EDU>
Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Wednesday, February 10, 2016 at 9:31 AM
To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] neuralgic.net


Good Morning,



I am wondering if anyone has received an alert from an organization called Neuralgic (www.neuralgic.net) regarding 
vulnerabilities they specifically identified on your websites? According to their website, they define their 
organization as:



Neuralgic crawls and detects specific hack patterns such as code injections hitting the safety, the integrity and the 
notoriety of university and government websites in order to help CISO and webmasters to discover, clean it up and 
enhance the cybersecurity of their organization. Neuralgic has been thanked by CERTs and Universities from 5 continents.







I am hoping to get some feedback regarding the legitimacy of the organization and if anyone has signed up for their 
service.



Thank you for your attention in this matter.



Patricia Malek, CISSP, GSEC

Director of Security

Technology Services

Loyola University Maryland

Office - 410-617-5533

pamalek () loyola edu



Security Alert: Loyola Technology Services will never ask for your password.  Please do not share it with others.




