Systems Engineering is aware of the FBI and CISA joint security advisory indicating threat actors are potentially using multiple Common Vulnerabilities and Exposures (CVE) to exploit Fortinet operating systems, known as FortiOS. The advisory calls out three vulnerabilities that may be used to gain access to business networks to begin data exfiltration or data encryption attacks. Vulnerabilities include;

Systems Engineering is aware of multiple vulnerabilities within Cisco Jabber Client software. These vulnerabilities affect Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for Mobile platforms. Vulnerabilities include:

Qualys Cloud Platform is the incident response and breach prevention vendor used at Systems Engineering to perform monthly external vulnerability scan for our customers. Recently, Qualys released a statement relating to a previously identified zero-day exploit in one of their third-party solutions (Accellion FTA).

UPDATE MARCH 8, 2021

Systems Engineering learned of the Exchange on-premises server vulnerability on Tuesday, March 2nd, and activated our incident response plan.  

Important information for organizations who have Microsoft Windows Server 2008 Domain Controllers or with unsupported systems.

Within the last decade, small to medium-sized businesses (SMB) have embraced cloud technologies. The promises of agility, productivity, resiliency, and scalability are appealing benefits to any business leader. If you were to look around your business today, you may find the cloud touching almost every aspect of it. While cloud technologies offer significant benefits, they also introduce new security risks. This leaves executives searching for effective cybersecurity tools and solutions to reduce chances of a high-priced, high-profile data breach.

Cybercriminals have small to medium-sized businesses in their crosshairs, and they are using phishing emails to lure them in. The reality is, any organization with sensitive data can be a target for cybercriminals. They have learned to precisely craft their phishing emails to trick spam filters and fool unsuspecting victims into clicking. Once this happens, the cybercriminals have the green light to proceed with their scam. Learn about the types of phishing emails used today and steps your organization can take to reduce the risk of phishing attacks.