Systems Engineering is paying special attention to a Cisco IOS XE Software Web UI Command Injection Vulnerability that was announced earlier this week. Also known as "ThrangryCat Vulnerability," it is serious enough to get the attention of the press. As quoted on ZDNet, "This vulnerability allows hackers to plant persistent "backdoors" on Cisco gear, even over the Internet, with no physical access to vulnerable devices."
A bug in Microsoft’s Remote Desktop Services has been discovered. The vulnerability allows an attacker to take over a Windows PC if it’s connected to the internet and is operating with an out-of-support operating system. Not all machines are vulnerable, but the number of exposed machines makes it likely that somebody will come up with a worm.
The promises of productivity in the cloud continue to ring true. Access to your data from anywhere, at any time, with the ability to collaborate in real-time, is truly revolutionary and is providing a competitive advantage for organizations in every industry. However, access from anywhere means that without sufficient protections, the wrong people can gain access to your data by easily hacking usernames and passwords.
If your organization is still utilizing Windows 7 SP1, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2, please read this article in its entirety.
The 2018 Human Factor report by Proofpoint states that as many as 95% of web-based attacks now incorporate social engineering, or human error factor. So, with that simple fact, how can your organization prevent its employees from releasing confidential and critical information?
It's a new year which makes it a great time to prioritize your technology initiatives. As technology changes dramatically, the headlines continue to focus on the same themes: Security, Cloud, and Digital Transformation. In this blog article, I will review important "to do's" within each category and offer ways you and your organization can achieve these important IT goals.
As we all work through our holiday gift giving lists this "Cyber Monday," it's important to be cyber aware of "the Grinch" lurking in the corners waiting to steal our confidential information. So, before you begin to cross the names off your list while experiencing that great sense of accomplishment, take a few moments to read through these "cyber shopping" best practices to protect yourself and your personal identifiable information (PII). Nobody wants to spend the holidays recovering their data or identity.
When it comes to good security practices, compliance and documented policies require a top-to-bottom effort from management, operations, human resources, and the IT team. After all, the right security practices and solutions can be created and when a business can prove that solid policies and practices are in place, it provides peace of mind to its clients, partners, and auditors.
So, let's start from the beginning.
At Systems Engineering team, we are very conscious about practicing good IT security measures. As such, it's important to remember that protecting confidential data spans from desktops, to the cloud, to mobile devices, and more.