Re: neuralgic.net

["Hillhouse, Bob (Bob)" <bob () UTK EDU>]

We received the same notice and did a bit of investigation into both the monitoring service and the findings of the 
report. It was accurate. It’s also pretty revealing when you look at the reports for other universities and government 
agencies that have been hacked.

We didn’t seek out the service but pursue the findings.

—
Bob Hillhouse, CISSP
Associate CIO & Chief Information Security Officer
The University of Tennessee, Knoxville
bob () utk edu<mailto:bob () utk edu>
865-406-8981 (cell)
865-974-8445 (office)

Keep your NetID information secure. Don't reply to any email or click on a link that asks for your personal 
information. Report any suspicious requests to the OIT HelpDesk at (865) 974-9900.

From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> on behalf of "Frazier, William S [ITSYS]" <frazier () IASTATE EDU<mailto:frazier () IASTATE EDU>>
Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () 
LISTSERV EDUCAUSE EDU>>
Date: Wednesday, February 10, 2016 at 10:48 AM
To: <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>>
Subject: Re: [SECURITY] neuralgic.net

We got this today.  Sent to our admin and tech mailing addresses.  I don’t believe it is something we sought but we are 
going to validate and, if valid, pursue.

Bill
----------------------------------------------
William Frazier
Iowa State University
frazier () iastate edu<mailto:frazier () iastate edu>


From: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV 
EDUCAUSE EDU>> on behalf of Patricia Malek <pamalek () LOYOLA EDU<mailto:pamalek () LOYOLA EDU>>
Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () 
LISTSERV EDUCAUSE EDU>>
Date: Wednesday, February 10, 2016 at 9:31 AM
To: "SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>" <SECURITY () LISTSERV EDUCAUSE 
EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>>
Subject: [SECURITY] neuralgic.net

Good Morning,

I am wondering if anyone has received an alert from an organization called Neuralgic 
(www.neuralgic.net<http://www.neuralgic.net>) regarding vulnerabilities they specifically identified on your websites?  
  According to their website, they define their organization as:

Neuralgic crawls and detects specific hack patterns such as code injections hitting the safety, the integrity and the 
notoriety of university and government websites in order to help CISO and webmasters to discover, clean it up and 
enhance the cybersecurity of their organization. Neuralgic has been thanked by CERTs and Universities from 5 continents.



I hoping to get some feedback regarding the legitimacy of the organization and if anyone has signed up for their 
service.

Thank you for your attention in this matter.

Patricia Malek, CISSP, GSEC
Director of Security
Technology Services
Loyola University Maryland
Office – 410-617-5533
pamalek () loyola edu<mailto:pamalek () loyola edu>

Security Alert: Loyola Technology Services will never ask for your password.  Please do not share it with others.