syse-blog-header

SECURITY ALERT: MS Exchange Server Remote Code Execution Vulnerability

July 15, 2021

The July 2021 Microsoft Patch Tuesday updates were released on July 13. One of those patches addressed a publicly disclosed but unexploited, zero-day vulnerability classified as CVE-2021-34473 - Microsoft Exchange Server Remote Code Execution Vulnerability. This vulnerability affects on-premises Exchange servers 2013, 2016, and 2019, and was assigned a severity of critical.

Read More »

Security Bulletins & Alerts

SECURITY BULLETIN: Kaseya VSA Security Incident

July 08, 2021

UPDATE: July 27, 2021

In a Friday, July 23, 2021 announcement, the Kaseya Incident Response team reported no reports or issues with their remediation efforts for customers impacted by the July 2nd localized ransomware attack against their VSA on-premises product. Due to this positive report, Systems Engineering has resumed the use of the two unaffected Kaseya modules we were monitoring as a result of the original VSA attack.

Read More »

Security Bulletins & Alerts

SECURITY ALERT: Windows Print Spooler Vulnerability - PrintNightmare

July 01, 2021

UPDATE: July 7, 2021

As of July 6th, Microsoft has completed investigations and released security updates (patches) to address the Windows Print Spooler vulnerability. Systems Engineering recommends patching your workstations and servers to address this and any future vulnerabilities. Our clients who

Read More »

Security Bulletins & Alerts

SECURITY ALERT: Microsoft On-Premises Exchange Server Vulnerability for April 2021

April 15, 2021

On April 13, Microsoft released its monthly patches for vulnerabilities found within their products. In their release announcement, Microsoft strongly recommends prioritizing the CVE 2021 28481 security update which affects Exchange servers 2013, 2016, and 2019. This vulnerability allows hackers access to mailboxes to read or even exfiltrate sensitive information.

Read More »

Security Bulletins & Alerts

SECURITY ALERT: Multiple Fortinet Operating System Vulnerabilities

April 06, 2021

Systems Engineering is aware of the FBI and CISA joint security advisory indicating threat actors are potentially using multiple Common Vulnerabilities and Exposures (CVE) to exploit Fortinet operating systems, known as FortiOS. The advisory calls out three vulnerabilities that may be used to gain access to business networks to begin data exfiltration or data encryption attacks. Vulnerabilities include;

Read More »

Security Bulletins & Alerts

SECURITY ALERT: Cisco Jabber Desktop and Mobile Client Software Vulnerabilities

March 31, 2021

Systems Engineering is aware of multiple vulnerabilities within Cisco Jabber Client software. These vulnerabilities affect Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for Mobile platforms. Vulnerabilities include:

Read More »

Security Bulletins & Alerts

SECURITY BULLETIN: Qualys Update on Third-Party Security Incident

March 08, 2021

Qualys Cloud Platform is the incident response and breach prevention vendor used at Systems Engineering to perform monthly external vulnerability scan for our customers. Recently, Qualys released a statement relating to a previously identified zero-day exploit in one of their third-party solutions (Accellion FTA).

Read More »

Security Bulletins & Alerts