888.624.6737

syse-blog-header

BLOG

Security Alert: Cisco Discovery Protocol Vulnerability

February 07, 2020

Recently, Cisco released a series of ‘High Severity’ vulnerabilities that relate to the Cisco Discovery Protocol (CDP), which is Cisco’s proprietary mechanism used by their devices to broadcast identities to one another across private/secured networks. For example, accessories such as VOIP Phones will use CDP to determine which VLAN the switch is using for voice traffic.

Read More »

Systems Engineering Alert, IT Security

Security Bulletin: Windows 10 Crypto Vulnerability

January 15, 2020

Yesterday Microsoft announced and delivered a fix for a serious vulnerability in Windows 10 cryptography function (CVE-2020-0601). The NSA had previously discovered and notified Microsoft to develop a solution. Microsoft also stated that they had seen no exploit of this vulnerability to date. The vulnerability would allow an attacker to disguise their malicious software as a valid and certified piece of code; thereby spoofing the Windows 10 PC or Windows Server 2019 into thinking it is legitimate code that can be trusted and therefore executed.

Read More »

Systems Engineering Alert, IT Security

End-of-Life for Microsoft Windows 7

January 14, 2020

The time for planning has ended. Microsoft will no longer provide extended support for Windows 7. While Extended Security Updates (ESU) may be available for Professional and Enterprise editions of Windows 7 (for a maximum of three years from January 14, 2020), this option will come at an increasing cost to organizations.

Read More »

General, Cloud, Data Points, IT Strategy, IT Security

Security Bulletin: Citrix Application Delivery Controller and Citrix Gateway Vulnerability

January 03, 2020

Citrix recently published a critical security bulletin (CVE-2019-19781) advising users of a vulnerability in the Citrix Application Delivery Controller (ADC) device formerly known as NetScaler ADC, Citrix Gateway, and NetScaler Gateway. If exploited, it can allow an unauthenticated attacker to execute code on the appliance that can lead to possibly compromising a critical perimeter security component. Many organizations rely on these devices as load balancers to control access from the outside to internal Citrix Servers and to terminate SSL VPNs.

Read More »

Systems Engineering Alert, IT Security

10 Cybersecurity Best Practices in 2020

December 18, 2019

In light of the uptick in breaches at small and medium-sized businesses (SMB) in the last 12-months, I wanted to briefly review the cyberthreat landscape and offer some cybersecurity best practices organizations can implement to better position their businesses against the bad guys.

Read More »

IT Security

Multi-Factor Authentication: Prevent Unauthorized Access With Stolen Credentials

December 13, 2019

Have you noticed consumer and business sites including mobile applications requiring multiple steps to verify who you are? Perhaps you’ve set-up a multi-step verification method to access your bank or Google email account?  This security measure is growing in popularity as most data breaches today begin with a set of compromised credentials. From financial institutions to online stores to social media sites, many businesses are now requiring multiple factors of verification to ensure a user is who they say they are, reducing the chances of a cybercriminal successfully gaining access to their networks.

Read More »

Data Protection, Compliance, Cybercrime, IT Security

What is Multi-Factor Authentication (MFA) and How does it work?

December 12, 2019

Today, your applications and files are no longer all contained within your four walls. Your staff may work from home or is on the move which means they are accessing your company's data and apps from multiple locations and on multiple devices. To keep your data secure, you need to know who is knocking at the door before you let them in. Your business might require complex passwords, but in reality, your staff is most likely using the same passwords across personal and business accounts, and the cybercriminals know it.

Read More »

Data Protection, Compliance, Cybercrime, IT Security

It's Cyber Monday, So Be Cyber Aware

December 02, 2019

Every year, Cyber Monday brings us incredible deals and discounts; however, it's also the time of year when cybercriminals increase their efforts to steal our money and confidential information. To stay safe while shopping online, keep the following cybersafety tips in mind.

Read More »

Data Protection, Cybercrime, IT Security

Security Alert: Cisco ASA and FTD Security Advisory Bundled Publication

October 29, 2019

Cisco recently released a collection of 10 security advisories against Cisco's Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC) software. The collection includes a few high-risk vulnerabilities that affect File Transfer Protocol (FTP) Inspection, Session Initiated Protocol (SIP) inspection that could lead to a denial-of-service condition. Importantly, Cisco is not aware of any public exploitation of the vulnerabilities. 

Read More »

Systems Engineering Alert, IT Security

Disposing of E-waste Securely and Responsibly

October 21, 2019

In 2018, there was 49.8 million tons of e-waste generated worldwide. The US contributed a staggering 10 million tons of this waste, and our share is growing. As environmental and health concerns arise over the ever-increasing e-waste, it is the responsibility of everyone to ensure its proper disposal.

Read More »

General, IT Consulting, Compliance, IT Security, Technology Trends