Systems Engineering is aware of the vulnerability affecting customers with Fortinet Firewalls who are using an SSL VPN (Secure Sockets Layers Virtual Private Network) to connect to their offices remotely. This vulnerability utilizes an improper limitation of a pathname to a restricted directory ("path traversal") in multiple Fortinet OS versions under the SSL VPN web portal.
Microsoft recently announced a pair of Windows 10 Remote Code Execution vulnerabilities, CVE-2019-1181 and CVE-2019-1182. These vulnerabilities allow cybercriminals to obtain remote control of a computer over a network connection. Microsoft discovered the vulnerabilities during routine testing of Windows 10, which allowed them to publish the required security updates and notify the public at the same time.
Most employees want to be productive. As cloud service consumers, we have become accustomed to finding a tool or app that will help us fill a need and simply buy it without obtaining approval from our organization first. This practice of employees bypassing IT management to procure tools and services without proper vetting has infiltrated the workplace and is known as Shadow IT.
Trends in Information Technology are continuously changing and, as a result, organizations are having to adapt to those changes. Let's look at the most prominent IT trends that are showing up today.
I spent a lot of time early in my career solving complicated problems related to security. In the late 1990's, I consulted as a civilian for the NSA to help automate the 'need-to-know' access of their internal web infrastructure and documentation. I followed that with some time as a Reserve Information Operations Officer for the U.S. Army, and then working for financial services companies including VISA during the birth of the PCI standards. Needless to say, the security field is one with overwhelming depth and it can be challenging for companies to make an iterative, incremental plan to become more secure.
Systems Engineering is paying special attention to a Cisco IOS XE Software Web UI Command Injection Vulnerability that was announced earlier this week. Also known as "ThrangryCat Vulnerability," it is serious enough to get the attention of the press. As quoted on ZDNet, "This vulnerability allows hackers to plant persistent "backdoors" on Cisco gear, even over the Internet, with no physical access to vulnerable devices."
A bug in Microsoft’s Remote Desktop Services has been discovered. The vulnerability allows an attacker to take over a Windows PC if it’s connected to the internet and is operating with an out-of-support operating system. Not all machines are vulnerable, but the number of exposed machines makes it likely that somebody will come up with a worm.
The promises of productivity in the cloud continue to ring true. Access to your data from anywhere, at any time, with the ability to collaborate in real-time, is truly revolutionary and is providing a competitive advantage for organizations in every industry. However, access from anywhere means that without sufficient protections, the wrong people can gain access to your data by easily hacking usernames and passwords.
If your organization is still utilizing Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2, please read this article in its entirety.
The 2018 Human Factor report by Proofpoint states that as many as 95% of web-based attacks now incorporate social engineering, or human error factor. So, with that simple fact, how can your organization prevent its employees from releasing confidential and critical information?